Good morning
I have some questions about push operations.
I was testing a bit, but could not find much information about these operations.
My endpoint server is R80.30 and the security endpoints are E82.30.
1.- Push operation SandBlast Agent Anti-Ransomware, Behavioral Guard and Forensics.
With these operations, can I create incident reports on any URL, process or computer file?
I tried to collect events for www.youtube, but I can't find any log. I have activated (SandBlast, antibot-antimalware, Chrome plugin, etc.).
1.1.- So the question is: can I create incident reports for any URL?
I also tried to analyze by process and file, and it said that it worked, but I looked at the endpoint and SmartEvent and could not find the report.
1.2.- Where is the report saved?
I looked at the endpoint and SmartEvent but I can't find the report.
Also for file remediation I get an error and I could not quarantine or restore files.
1.3.- How can I move a file to quarantine or get it out of there, using the Forensics push operation (SandBlast Agent Anti-Ransomware, Forensics, etc.)?
I tried with the Anti-Malware push operation and it works, but not with the Forensics push operation (SandBlast Agent Anti-Ransomware, Forensics, etc.).
2.- Client settings
What is the utility of Collect client logs?
When I opened a case, I was asked for a cpinfo. I asked if it could be run with the push operation Collect client logs, but he told me no, please do it manually and with the extended detail level. Is it not the same?
According to logs collected will be located in a shared folder on the computers
I searched for the cpinfo on the computer, but it was located in the cpinfo file (this file is not shared).
Is it possible to specify this? I understand that in R80.40 it is possible, but in R80.30 I can't find where to do this configuration.
2.1.- Another thing is that this cpinfo weighs less than the cpinfos made manually (through the agent). I tried with extended and basic, but even the basic is heavier than the one made by the push operation. What is the difference? What is the utility of Collect client logs?
Sorry for my bad English, and thank you very much for your time and help.