Threats report

The threats report contains information on viruses and other malware detected on protected virtual machines, as well as the details of the results of the actions performed on the files in which the threats were detected.

The Period field displays the period of time covered by the data included in the report. By default, the report contains for the last 30 days, including the report generation date.

It contains the following consolidated information:

• Detected object. The name of the object that has been detected on protected virtual machines.
• Object type. The type of object detected.
• Threats detected. The total number of the specified objects detected on the protected virtual machines for the reporting period.
• As rated by KSN. The number of objects detected with KSN.
• Different files. The number of files containing the detected object.
• Devices infected. The number of protected virtual machines on which the specified objects have been detected.
• First attempted run blocked. The date and time of the first detection of the object on the protected virtual machines.
• Last attempted run blocked. The date and time of the last detection of the object on the protected virtual machines.

  The row below contains the following consolidated information:

  • Threats detected. The total number of different objects detected on all protected virtual machines for the reporting period.
  • Different files. The total number of files containing detected objects on all protected virtual machines.
  • Devices infected. The total number of protected virtual machines on which the objects were detected in the reporting period.
  • Groups infected. The total number of Kaspersky Security Center administration groups that include the devices on which the objects were detected. This field always displays a 0, because protected virtual machines cannot belong to Kaspersky Security Center administration groups.

The report contains the following detailed information about each instance of threat detection:

• Device. The name of the protected virtual machine on which the object was detected, and the path to the virtual machine in the virtual infrastructure.
• Detected object. The name of the object that has been detected on the protected virtual machine.
• Detected at. The date and time of object detection on the protected virtual machine.
• File path. The path to the file containing the detected object on the protected virtual machine.
• Object type. The type of object detected.
• Action. The result of the action taken by Kaspersky Security on the detected object.
• Application. The application that detected the object.
• Version number. The version number of the application that detected the object.
• Last visible. The date and time of the last event associated with the protected virtual machine on which the object was detected.
• IP address. The IP address of the protected virtual machine on which the object was detected.
• NetBIOS name, DNS name. The name of the protected virtual machine on which the object was detected, and the path to the virtual machine in the virtual infrastructure.
• Component. The name of the component that detected the threat. Possible values: Scan task, File Threat Protection.
• Detection technology. The technology used for detecting the threat. Possible values: Expert analysis, Automatic analysis, Cloud analysis.