Jump to content

Forensic logs 7797


Recommended Posts

EAM Win 7 64bit

What is the default for the number of Forensic log entries? Is it the same as default of 300? (It will soon fill up)

Is the Forensic log supposed to show any changes I have made from the default settings everytime I open the GUI?

for example..
Setting "Application restarts" has been changed to "Enabled"
Setting "Removable device connections" has been changed to "Enabled"

To see this, change a setting, reboot, open Settings and quickly cycle though General, Privacy, Update etc tabs and then Forensics will show any changes from Default settings that you have.

When I have an auto update while online it will show that I have moved update notification to right center.

 

 

Link to post
Share on other sites

I get the same observation as stapp before. Opened GUI, quickly clicked through tabs in Options and Protection sections and yes, Forensics shows every non-default setting (see attachment, top part).

Moreover, I noticed strange thing - after scan completes (in this case a scheduled USB scan), I get information about scan with empty name being canceled (also in the attachment, highlighted. And yes, I went to menu and canceled this scan, just wondering about the name.).

forensics.PNG

Link to post
Share on other sites
13 hours ago, stapp said:

Is the Forensic log supposed to show any changes I have made from the default settings everytime I open the GUI?

Know problem. It is already fixed. The fix will be available a bit later.

Link to post
Share on other sites

@stapp

Quote

What is the default for the number of Forensic log entries? Is it the same as default of 300? (It will soon fill up)


10.000 records, this value cannot be changed. it's a rotating database,  logrecord 10.001 will replace record 1, etc

Link to post
Share on other sites
54 minutes ago, Frank H said:

@stapp


10.000 records, this value cannot be changed. it's a rotating database,  logrecord 10.001 will replace record 1, etc

Good, I was worried it was going to be 300 !!

Link to post
Share on other sites

Can I also ask again about my earlier remark Frank

If I pause protection for 10 minutes this is not shown in Forensics log. Should it not be shown, at least, on restart of protection.? 

Link to post
Share on other sites

If I create an application block rule it is not shown in the Forensics Log.

If I remove the rule it is shown in the Forensics Log as removing it..

Surely it should show both... creation and removal of application rule? 

Link to post
Share on other sites

To give some feedback about the Forensics Logs.

I actually didn't think I'd ever be using this feature, but since the update, I have unconsciously used it twice and found it useful.

First, was when I accidentally clicked through allowing a port... using Forensics log, i was able to go back and see what it was i had allowed.

good work.

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...