https://community.cisco.com/t5/endpoint-security/cisco-endpoint-security-question/m-p/4313856#M6059 <P>Thanks both Ken and&nbsp;Thorsten.&nbsp;</P> Thu, 25 Mar 2021 14:56:52 GMT IamSamSaul 2021-03-25T14:56:52Z https://community.cisco.com/t5/endpoint-security/cisco-endpoint-security-question/m-p/4310732#M6048 <P>Hello,</P><P>Is there a way to check what happened to the malicious file when Cisco Endpoint Security detects a threat and generate an even.</P><P>&nbsp;</P><P>When I enter the Sha-256 hash I can see other information but not what happened? For example: Threat detected and file was quarantined or file deleted.</P><P>&nbsp;</P><P>Thanks &amp; Regards,</P><P>Sam</P> Fri, 19 Mar 2021 23:03:08 GMT https://community.cisco.com/t5/endpoint-security/cisco-endpoint-security-question/m-p/4310732#M6048 IamSamSaul 2021-03-19T23:03:08Z https://community.cisco.com/t5/endpoint-security/cisco-endpoint-security-question/m-p/4310743#M6049 That should appear in the dashboard, events for the endpoint, the device trajectory...<BR /><BR /> Fri, 19 Mar 2021 23:36:50 GMT https://community.cisco.com/t5/endpoint-security/cisco-endpoint-security-question/m-p/4310743#M6049 Ken Stieers 2021-03-19T23:36:50Z https://community.cisco.com/t5/endpoint-security/cisco-endpoint-security-question/m-p/4311363#M6050 <P>Hello&nbsp;<a href="https://community.cisco.com/t5/user/viewprofilepage/user-id/879593">@IamSamSaul</a>, as&nbsp;<a href="https://community.cisco.com/t5/user/viewprofilepage/user-id/321979">@Ken Stieers</a>&nbsp;already explained.<BR />When checking the Event, you just need to open the Device Trajectory. In the example from the attached screenshot, i also filtered for the SHA256 hash of the malicious file.<BR />Greetings,<BR />Thorsten</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="DeviceTrajectoryMalicious File.png" style="width: 999px;"><img src="https://community.cisco.com/t5/image/serverpage/image-id/106940iABA4D531BE3AB747/image-size/large?v=v2&amp;px=999" role="button" title="DeviceTrajectoryMalicious File.png" alt="DeviceTrajectoryMalicious File.png" /></span></P> Mon, 22 Mar 2021 11:17:14 GMT https://community.cisco.com/t5/endpoint-security/cisco-endpoint-security-question/m-p/4311363#M6050 Troja007 2021-03-22T11:17:14Z https://community.cisco.com/t5/endpoint-security/cisco-endpoint-security-question/m-p/4313856#M6059 <P>Thanks both Ken and&nbsp;Thorsten.&nbsp;</P> Thu, 25 Mar 2021 14:56:52 GMT https://community.cisco.com/t5/endpoint-security/cisco-endpoint-security-question/m-p/4313856#M6059 IamSamSaul 2021-03-25T14:56:52Z