The Downloaded files list displays all of the distinct files that have been downloaded by hosts in the network and processed by the NSX Advanced Threat Prevention service.
The Quick search text box in the upper-left corner of the list provides fast, as-you-enter search capability. It filters the rows in the list and displays only those rows that have text, in any column, that matches the query string that you entered in the search text box.
To customize the columns displayed in the list, click the icon located in the upper-right corner of the list.
You can customize the number of rows to be displayed. The default is 20 entries. Use the and icons to navigate through multiple pages.
Each row is a summary of a downloaded file. Click the icon or anywhere on an entry row to access a detailed view of the downloaded file.
|MD5||The MD5 hash of the downloaded file.|
|Type||The high-level file type of the downloaded file. Supported types are currently:
Size in bytes of the downloaded file.
Number of times that the file was downloaded by hosts in the network.
The displayed number and provide a link to the detailed downloads page. The link passes an Analyst UUID filter that restricts the view to downloads of this specific file.
A label defining the antivirus class of the downloaded file. If the label has a , you can click that icon for a description in a pop-up window.
A label defining the malware type of the downloaded file. If the label has a , you can click that icon for a description in a pop-up window.
The score assigned to the downloaded file by the analysis indicates the critical level of the detected threat and ranges from 0-100:
For details about maliciousness core and risk estimate, see Analysis Report: Overview Tab.
If the icon appears, it indicates the artifact has been blocked. The list is sorted by decreasing order (most critical threats at the top). Click to sort the list in increasing order (least critical threats at the top), then click to toggle back to the default.