Kaspersky Anti Targeted Attack Platform

Viewing the table of objects quarantined on computers with the Kaspersky Endpoint Agent component

The table of objects quarantined on computers with the Endpoint Agent component can be found in the Storage section, Quarantine subsection of the application web interface.

The Kaspersky Anti Targeted Attack Platform server stores metadata of objects quarantined on computers with the Endpoint Agent component. The objects themselves are kept in special storage on each computer where the threatening object was detected.

The table of objects quarantined on computers with the Endpoint Agent component contains the following information:

  1. Object—Information about the object. For example, the file name or file path.
  2. Source—IP address or host name of the computers with the Endpoint Agent component where the object is quarantined.
  3. Time stored—Date and time when the object was quarantined.
  4. State—State of the object.

The right part of the object information row contains buttons:

  • You can click apt_icon_storage_delete to delete the metadata of the object on the Kaspersky Anti Targeted Attack Platform server.
  • You can click Apt_icon_quarantine_restore to restore the object from Quarantine on a computer the Endpoint Agent component.
  • You can click Apt_icon_quarantine_get_file to copy the object from Quarantine on the computer with the Endpoint Agent component to the Kaspersky Anti Targeted Attack Platform server.

Clicking the link with the file name or file path opens a list in which you can select one of the following actions:

  • Filter by this value.
  • Exclude from filter.
  • Download.
  • Send file for scanning.
  • Find events:
    • File path
    • MD5
    • SHA256
  • Find alerts:
    • File path
    • MD5
    • SHA256
  • Copy value to clipboard.

Clicking the link with the host name opens a list in which you can select one of the following actions:

  • Filter by this value.
  • Exclude from filter.
  • Find events.
  • Find alerts.
  • Copy value to clipboard.

See also

Managing objects in Storage and Quarantine

Viewing the table of objects that were placed in Storage

Viewing information about an object manually placed in Storage using the web interface

Viewing information about an object placed in Storage by a get file task

Viewing information about an object placed in Storage by a get data task

Downloading objects from Storage

Uploading objects to Storage

Sending objects in Storage for scanning

Deleting objects from Storage

Filtering objects in Storage by object type

Filtering objects in Storage by object description

Filtering objects in Storage based on scan results

Filtering objects in Storage based on the name of Central Node, PCN, or SCN server

Filtering objects in Storage by object source

Filtering objects based on the time they were placed in Storage

Clearing a Storage objects filter

Viewing information about a quarantined object

Restoring an object from Quarantine

Obtaining a copy of a quarantined object on a Kaspersky Anti Targeted Attack Platform server

Removing information about the quarantined object from the table

Filtering information about quarantined objects by object type

Filtering information about quarantined objects by object description

Filtering information about quarantined objects by host name

Filtering information about quarantined objects by time

Resetting the filter for information about quarantined objects

Page top
[Topic 247433]