The Details tab provides details of the selected host. To access this view, go to INVESTIGATE > Hosts, and select a host from the Hosts view.
*You can perform this task in the current view.
- Focusing on Endpoint Analysis
- Investigating Hosts
- Analyzing Events
- Performing Host Forensics
- Isolating Hosts from Network
Below is an example of the Details tab:
Agent and Scan Details. You can view the following agent and scan details of the selected host:
Host name - Name of the host. For example, WIN-ABC.
Risk score - Risk score of the host.
Operating System - Operating system on which the agent is running (Linux, Windows, or Mac).
Agent Scan Status - Current status of the scan - Idle, Scanning, Starting Scan, or Stopping Scan. For more information, see Scan Hosts.
Agent Last Seen - Time when the agent last communicated with the Endpoint server.
Agent Version - Version of the agent. For example, 18.104.22.168.
More - Provides options to:
Snapshot Time - Lists scanned time stamps. To view the scan history, you can select the snapshot time from the drop-down menu.
|2||Search on Snapshots. Lets you search on all snapshots (file name, file path, and SHA-256 checksum). For more information, see Search on Snapshots.|
|3||Show/Hide Right Panel - Displays host and policy details panel.|
Host Details Panel - Displays all properties of the selected host. It is grouped as follows:
Groups - Groups on which the host is added on.
User - Information related to the user.
Network Interfaces - Network adapter information, such as Mac Address, Gateway.
Operating System - Operating system version and build information.
Agent - Agent-related information, such as agent ID, driver error code, install time, and agent mode.
Hardware - Information related to the architecture.
Locale - Time zone and language that is local to the host.
Policy Details Panel - Displays the following:
Alerts Severity - Displays list of distinct alerts, such as Critical, High, Medium and All, along with the total number of events associated with the alert.
Displays events for an alert and metadata associated with a specific event. For more information, see Analyze Hosts Using the Risk Score.