Cloud file analysis produces a report that contains detailed results of an analysis submission.

You can view this analysis report from the Potential Malware page or the All Files page on the Malware Prevention dashboard.

Procedure

  1. From your browser, log in to an NSX Manager at https://nsx-manager-ip-address.
  2. Click Security, and then in the left navigation pane, click Malware Prevention.
    The Potential Malware page is displayed. You can do the subsequent steps either on this page or on the All Files page.
  3. (Optional) Click the filter icon at the top-right corner of the page, and select the criteria to filter the information displayed on the page.
    Filtering the information can help you quickly find the file that is of interest to you. For example, you can select the Verdict criterion, and then select the Malicious option to view files with only malicious verdict on the page.
  4. In the table, expand the row of the file.
    When a file hash is submitted to the cloud for a detailed analysis either during the last inspection or in any of the previous inspections, the Analyst UUID field displays a value. The presence of this value indicates that a file analysis report is available for this file.
  5. Click View Reports.
    The Overview tab of the report is displayed, which shows a high-level summary of the file analysis.
  6. Click the down-arrow on the Report tab and select a report to view.
    Key information about the analysis is displayed. The information in the report varies depending on the type of file that was analyzed.
  7. (Optional) Click the icons on the Report tab to perform the following actions:
    • Export the report to other formats. Supported file formats are XML, JSON, and PDF
    • Download screenshots.
    • Download the packet capture (PCAP) file.

What to do next

To learn more about the information that is displayed on the Overview and Report tabs, see Analysis Report Details.