Hosts View - Agent History TabHosts View - Agent History Tab
The Agent History tab lists the commands along with the respective status and additional details.
Below is an example of the Agent History tab:
Agent and Scan Details. You can view the following agent and scan details of the selected host:
Host name - Name of the host. For example, WIN-ABC.
Risk score - Risk score of the host.
Operating System - Operating system on which the agent is running (Linux, Windows, or Mac).
Agent Scan Status - Current status of the scan - Idle, Scanning, Starting Scan, or Stopping Scan. For more information, see Scan Hosts.
Agent Last Seen - Time when the agent last communicated with the Endpoint server.
Agent Version - Version of the agent. For example, 18.104.22.168.
More - Provides options to:
|2||Search files on host. Lets you search the files on the host (file name, file path, and SHA-256 checksum).|
Details Panel- Displays information, such as:
Note: If the command's status is expired, it means that the agent is unable to process the command even after five retries.
Note: Command types such as identity, scan, stop scan, stop isolation, system dump do not contain any associated command parameters.
Note: After you upgrade to NetWitness version 11.5, the commands executed in the previous versions are displayed automatically. The fields such as last retrieval time, total retrieval, and user do not contain any values. For system generated commands, the user field value shows as system.
Filter Files. You can filter commands by selecting the options in the Filters panel. For more information, see Filter Host Details.
|5||Settings Menu. You can set History view preferences by selecting columns from the Settings menu.|