ScreenOS Firewalls (NOT SRX)
Showing results for 
Search instead for 
Do you mean 
Posts: 13
Registered: ‎07-22-2008
0 Kudos

Antivirus Report



How can I see the files that were infected and wich were recognized by the antivirus?

With the command “get av statistics” I see this:


No Scan: Max Msg:            0
No Scan: Max Content Size:   6
Fwd to Scan Engine: Total:   69234
Fwd to Scan Engine (scan-all):          0
Fwd to Scan Engine (scan-intelligent):  69226
Fwd to Scan Engine (scan-ext):          0
Scan Code: Clear             68961
Scan Code: Infect            230


Is there any report of these 230 files?



Trusted Expert Trusted Expert
Trusted Expert
Posts: 791
Registered: ‎07-26-2008
0 Kudos

Re: Antivirus Report



Actually, I think you need to review the "get event" log output to determine if virus has been detected.

The event log is going to look something like this :


IP address:integer->IP

address:string%.64sstringfile %.64s virus string

Meaning  The AV scanner has detected a virus in the traffic from the specified

source IP address and port number to the specified destination IP

address and port number. The text string at the end of the message

contains the name


The full Netscreen Event log can also be downloaded from the following go to the section on "CLI & Messages":

Ref to Chtp 6 : Antivirus




****pls click the button " Accept as Solution" if my post helped to solve your problem****