03-05-2009 02:30 PM
How can I see the files that were infected and wich were recognized by the antivirus?
With the command “get av statistics” I see this:
No Scan: Max Msg: 0
No Scan: Max Content Size: 6
Fwd to Scan Engine: Total: 69234
Fwd to Scan Engine (scan-all): 0
Fwd to Scan Engine (scan-intelligent): 69226
Fwd to Scan Engine (scan-ext): 0
Scan Code: Clear 68961
Scan Code: Infect 230
Is there any report of these 230 files?
03-06-2009 10:54 AM
Actually, I think you need to review the "get event" log output to determine if virus has been detected.
The event log is going to look something like this :
Message AV: VIRUS FOUND: 〈IP address〉:〈integer〉->〈IP
address〉:〈string〉%.64s〈string〉 file %.64s virus 〈string〉
Meaning The AV scanner has detected a virus in the traffic from the specified
source IP address and port number to the specified destination IP
address and port number. The text string at the end of the message
contains the name
The full Netscreen Event log can also be downloaded from the following go to the section on "CLI & Messages":
Ref to Chtp 6 : Antivirus