Skip to main content
Manage Scan Jobs
Updated over a year ago

License editions: To understand the applicable license editions, see Plans & Pricing.

Overview

Whenever you trigger a restore with the Malicious File Scan option enabled, a scan job is initiated. You can monitor and manage all the scan jobs from the Scan Jobs page in Ransomware Recovery.


โ— Important

Malicious file scan is not supported for files beyond 1 GB in size.


A Last Updated at timestamp is displayed beside the page heading to help you understand when the details of the page were last updated.

For Endpoints, File Server, and NAS: Only after the scan job is complete, restore activity starts, clean files are restored, and all the malicious files are blocked.

For Virtual Machines: The file scan job is initiated after the restore job is complete. You must have a valid Accelerated Ransomware Recovery license enabled to use this feature.

You can view a summary of the scan job from the Scan Jobs page.

You can cancel an ongoing job if you initiated the scan by mistake or no longer need to scan the data for malicious files.


โ— Important

For Malicious File Scan, jobs are retained for 180 days.


Scan Jobs tab

The Scan Jobs tab provides an overview of all the Malicious File Scan jobs initiated for all the configured resources- Endpoints, File Backupsets (File Server and NAS), and Virtual Machines.

The following table provides information about the different sections within the Scan Jobs tab.

Fields

Description

Summary section

Total File Scan Jobs

The total number of file scan jobs for all the configured resources- Endpoints, File Backupsets (File Server and NAS), and Virtual Machines.

Alternatively, you can also use the APIs to view these details. For more information, see Developer Portal.

Resource Types job count - Endpoints, FileBackupsets (File Server and NAS), and Virtual machines.

The file scan job count for specific configured resources Endpoints, FileBackupsets (File Server and NAS), and Virtual machines. Click on the count to view all the file scan jobs for a specific resource in the Job Details listing section.

You can use the filter icon to filter and view the scan jobs per your requirements. You can filter the scan jobs list based on the Resource Type, Status, and Start time criteria.

Click the Job ID to view the following job details:

Fields

Description

Job Details section

Job ID

The unique ID of the scan job.

Job Type

Denoting that the job was Malicious File Scan.

Start Time

The time when the scan was initiated.

End Time

The time when the scan finished. If the job ended prematurely due to cancelation, or due to failure, this field displays that timestamp.

Product Job ID

The ID of the restore job.

Resource Name

The name of the data source.

vCenter/ESXi Host

The details of the host virtual machine. This field is only displayed when the resource type is a Sandbox virtual machine.

Resource Type

The type of data source. Example: File Server.

User Name

The name of the user to whom the endpoint belongs. This field is only displayed when the resource type is an endpoint.

Organization

The name of the organization to which the server belongs. This field is only displayed when the resource type is a server.

Status

The current status of the job. It can be any of the following:

  • Successful - The job completed successfully and you can view the details of the scanned files in the Scan Details section.

  • Failed - The job failed due to various reasons.

  • Canceled - The job was canceled by the administrator or an inSync Client user (in case of endpoints).

  • Queued - The job is yet to be processed.

  • Running - The scanning is in progress.

Created By

The name of the administrator or inSync Client user who initiated the restore.

Sandbox Recovered VM name

The details of the restored Sandbox virtual machine. This field is only displayed when the resource type is a Sandbox virtual machine.

Scan Details section: This content is applicable for Endpoints, File Server, and NAS resources.

Files Selected For Restore

The total number of files that the administrator or an inSync Client user selected for this restore job.

Files Scanned

The number of files scanned for this restore job.

Files Scan Skipped

The number of files that were skipped during the scan. There can be various reasons for this such as file deleted midway through the scan, file corrupted, file path not accessible, and so on.

Files Blocked

The number of malicious files. Click the number to view the details of the malicious files and also download a CSV containing the file names and SHA1 value of each file.

Use the Download File Report option to download and view the details of malicious files. The report is a zip CSV file that contains cumulative file details of malicious and skipped files.


โ— Important

The Download File Report option is enabled when Druva encounters and displays a count of blocked files.


Scan Details section: This content is applicable for Sandbox virtual machines.

Files Scan Skipped

The number of files that were skipped during the scan. There can be various reasons for this such as a file being deleted midway through the scan, a file corrupted, a file path not accessible, and so on.

Files Scanned

The number of files scanned for this restore job.

Malicious Files Found

The number of malicious files. Click the number to view the details of the malicious files and also download a CSV containing the file names and SHA1 value of each file.

Use the Download File Report option to download and view the details of malicious files. The report is a zip CSV file that contains cumulative file details of malicious and skipped files.


โ— Important

The Download File Report option is enabled when malicious files are identified and a count of malicious files is displayed.


Files Deleted

The number of malicious files deleted. This is displayed only if the Delete Malicious Files checkbox is selected and malicious are detected during scan.

Did this answer your question?