HTTP/S Malware blocked in Weekly Executive Report

Check in 'Logging & Reporting >> Web Protection'.  Does that do what you need?

Cheers - Bob
2017-02-21: Corrected "Filtering" to "Protection" Thanks to sectorblue's comment below.

We searched last week's Web Filter logs using grep without any results. With 10 million lines, its a literal needle in a haystack. Anything in particular we should use as a keyword (other than "malware")?

You misunderstood my post above. Look in 'Reporting'.

Cheers - Bob

There is not a Web Filter option under Logging & Reporting but there is a Web Protection option. We located the Virus Downloaders report, but that provides an empty result for the past month. We suspect the UTM categorizes a virus different than malware. There is no malware related report that we can find on this screen.

Hi there,

one of my customers ask me the same. I couldn't answer him. I also can't find a report view where malware instead of virus is shown. Only the executive report shows malware hits. The executive report has shown 300 malware hits one day.

Maybe, this is a Bug!?[:O] Since one year?

regards

mod

Guys, each of you please open a case with Sophos Support.  This is some kind of glitch.

Cheers - Bob

case is opened in Germany, ID = 7075926

case is opened in Germany, ID = 7075926

Hello

I've also seen "HTTP/S Malware" in my Daily Executive report a few times but cannot seem to find any details on it via Logging & Reporting.

We use iView and I can't see any Virus' for those days either.

Did anyone find a solution to being able to see further information on the Malware?

Using UTM 9.509-3

Many thanks

Hello

I've found the location:

> Go to Logging & Reporting

> Web Protection

> Under the "Available Reports" drop down menu (top right), select "Categories"

> Select the date range to search

> Sort the Categories by Name (or just scroll down the list and look for "Malicious Sites")

> Now you can select different views (e.g. Users, URLs etc.)

Many thanks