cortex-xdr 2.3-how to check scan report

Reply

cortex-xdr 2.3-how to check scan report

Hi Team,

 

How to find cortex xdr on-demand scan report and also how to check what was the duration of scan time?

Highlighted
L4 Transporter

Hi @Marsooq-Akkaradathil-

 

You can view the results of the scan report in the Action Center.  Begin by going to Response > Action Center

 

Within the All Actions list, locate your malware scan, right-click and select Additional Data.

dfalcon_1-1591165528347.png

 

If there were malicious files, they will show up here.  You can right-click and select View related alerts to see the malicious files and investigate deeper. 

 

 

dfalcon_0-1591165419334.png

(Actual alerts below)

 

dfalcon_2-1591165880680.png

 

As far as the scan duration, I didn't see the full run time in the console.  You can, however, view this information from the agent by clicking on the scan tab.  I will check if a feature request has already been submitted for scan duration to be included from the console.  One more note on this -- the scans are not super fast by design.  The decision was made to allow the scans to run longer so that less system resources would be consumed. 

 

Hope this helps.

 


David Falcon 
MDR Systems Engineer, Cortex
Palo AltoNetworks® 
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!