Skip to main content
All CollectionsCyber ResiliencyRansomware RecoveryThreat Hunting
Download Report for a Threat Hunt job
Download Report for a Threat Hunt job

Provides information about monitoring Threat Hunt jobs using download report.

Updated over 2 weeks ago

Overview

You can use the Download Report option to download Threat Hunt File Level and/or Snapshot level details for offline investigation and auditing purposes.

Use Summary Report to download and view the details of scanned files and Detailed Report to download and view snapshot details.

The data is downloaded in a compressed file format when you click the Download Report option. Following is the file naming convention of the downloaded file:

Summary Report: <Threat Hunt Name_Summary-<Date stamp>, <Time stamp>.<file extension of the compressed file format>
For example, file level report for the Threat Hunt Test name will be downloaded as <Threat Hunt Test_Summary-Jul 13, 2024 09_47_25.zip>
Detailed Report: <Threat Hunt Name_Detailed-<Date stamp>, <Time stamp>.<file extension of the compressed file format>
For example, detail report for the Threat Hunt Test name will be downloaded as <Threat Hunt Test_Detailed-Jul 13, 2024 09_47_25.zip>

What information does the Summary Report contain?

The Summary Report provides a summary of scanned files which includes the following information:

  • Threat Hunt Name

  • Scan Criteria defined for Threat Hunt

  • Status of Scan

  • Number of infected resources

  • Number of infected snapshots

  • Total number of malicious files found

  • Name of the administrator who created the Threat Hunt job

  • Date and time when the Threat Hunt job is initiated

  • Date and time when the Threat Hunt job completed

  • Name of the resource

  • Snapshot details such as name, status (ready or not ready for threat hunt) and size

  • Total number of scanned files

  • Total number of file matches found

  • Number of file hash matches

  • Number of predefined file hashes

  • Number of file extension matches

What information does the Detailed Report contain?

The Detailed Report includes the following information:

  • Threat Hunt Name

  • Scan Criteria defined for Threat Hunt

  • Status of Scan

  • Number of infected resources

  • Number of infected snapshots

  • Total number of malicious files found

  • Name of the administrator who created the Threat Hunt job

  • Date and time when the Threat Hunt job is initiated

  • Date and time when the Threat Hunt job completed

  • Name of the resource

  • Snapshot details

  • Name of the malicious or infected file

  • File Path-Location of the malicious or infected file

  • Scan criteria used to scan the file

  • Details of file matches—This displays the file hash value entered during threat creation. It can be either SHA1, SHA-256, or MD5.

  • File type, size, creation, and modification time

  • SHA1 Checksum values

Procedure

To download the report, perform the following steps:

  1. From the DCP dashboard, go to the Global Navigation Menu ->Ransomware Recovery.

  2. Select Threat Hunting from the Left navigation panel, the Threat Hunting dashboard appears.

  3. On the Threat Hunt dashboard page, click the Threat Hunt Name for which you want to download the report.

  4. On the Scan Results page, click Download Report > Detailed Report or File Summary Report. The data is downloaded in a compressed file format.

Related Articles
Get started with Threat Hunting
Create a New Threat Hunt
Threat Hunting Dashboard
Troubleshooting and FAQ's for Threat Hunting
Duplicate, Delete, or Cancel a Threat Hunt job
Did this answer your question?