Jump to content

Forensic logs 7797


stapp
 Share

Recommended Posts

EAM Win 7 64bit

What is the default for the number of Forensic log entries? Is it the same as default of 300? (It will soon fill up)

Is the Forensic log supposed to show any changes I have made from the default settings everytime I open the GUI?

for example..
Setting "Application restarts" has been changed to "Enabled"
Setting "Removable device connections" has been changed to "Enabled"

To see this, change a setting, reboot, open Settings and quickly cycle though General, Privacy, Update etc tabs and then Forensics will show any changes from Default settings that you have.

When I have an auto update while online it will show that I have moved update notification to right center.

 

 

Link to comment
Share on other sites

I get the same observation as stapp before. Opened GUI, quickly clicked through tabs in Options and Protection sections and yes, Forensics shows every non-default setting (see attachment, top part).

Moreover, I noticed strange thing - after scan completes (in this case a scheduled USB scan), I get information about scan with empty name being canceled (also in the attachment, highlighted. And yes, I went to menu and canceled this scan, just wondering about the name.).

forensics.PNG

Link to comment
Share on other sites

13 hours ago, stapp said:

Is the Forensic log supposed to show any changes I have made from the default settings everytime I open the GUI?

Know problem. It is already fixed. The fix will be available a bit later.

Link to comment
Share on other sites

@stapp

Quote

What is the default for the number of Forensic log entries? Is it the same as default of 300? (It will soon fill up)


10.000 records, this value cannot be changed. it's a rotating database,  logrecord 10.001 will replace record 1, etc

Link to comment
Share on other sites

54 minutes ago, Frank H said:

@stapp


10.000 records, this value cannot be changed. it's a rotating database,  logrecord 10.001 will replace record 1, etc

Good, I was worried it was going to be 300 !!

Link to comment
Share on other sites

If I create an application block rule it is not shown in the Forensics Log.

If I remove the rule it is shown in the Forensics Log as removing it..

Surely it should show both... creation and removal of application rule? 

Link to comment
Share on other sites

To give some feedback about the Forensics Logs.

I actually didn't think I'd ever be using this feature, but since the update, I have unconsciously used it twice and found it useful.

First, was when I accidentally clicked through allowing a port... using Forensics log, i was able to go back and see what it was i had allowed.

good work.

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...