View alerts
When FortiClient antivirus detects a virus while attempting to download a file via a web-browser, a warning displays in a dialog box.
Select View recently detected virus(es) to collapse the virus list. Right-click a file in the list to access the context menu.
Delete | Select to delete a quarantined or restored file. |
Quarantine | Select to quarantine a restored file. |
Restore | Select to restore a quarantined file. |
Submit Suspicious File | Select to submit a file to FortiGuard as a suspicious file. |
Submit as False Positive | Select to submit a quarantined file to FortiGuard as a false positive. |
Add to Exclusion List | Select to add a restored file to the exclusion list. Any files in the exclusion list will not be scanned. |
Open File Location | Select to open the file location on your workstation. |
When Alert when viruses are detected under AntiVirus Options on the Settings page is not selected, you will not receive the virus alert dialog box when attempting to download a virus in a web browser.
View realtime protection events
When an antivirus real-time protection event has occurred you can select to view these events in the FortiClient console. From the AntiVirus tab, select X Threats Detected, then select Real-time Protection events (x) in the left pane. The realtime_scan.log will open in the default viewer.
Example log output:
Realtime scan result: time: 09/29/15 10:46:07, virus found: EICAR_TEST_FILE, action: Quarantined, c:\users\user\desktop\eicar.com
time: 09/29/15 10:46:07, virus found: EICAR_TEST_FILE, action: Quarantined, c:\users\user\desktop\eicar.com.txt
time: 09/29/15 10:46:07, virus found: EICAR_TEST_FILE, action: Quarantined, c:\users\user\desktop\eicarcom2.zip
time: 09/29/15 10:46:08, virus found: EICAR_TEST_FILE, action: Quarantined, c:\users\user\desktop\eicar_com.zip
time: 09/29/15 10:46:39, virus found: EICAR_TEST_FILE, action: Quarantined, c:\users\user\appdata\local\temp\3g_bl8y9.com.part
time: 03/18/15 10:48:13, virus found: EICAR_TEST_FILE, action: Quarantined, c:\users\user\appdata\local\temp\xntwh8q1.zip.part
Configure Antivirus logging
Configure Antivirus logging
In standalone mode, you can configure Antivirus logging by using the FortiClient console.
In managed mode, Antivirus logging is configured by using a FortiClient profile.
To configure Antivirus logging:
- From the File menu, select Settings, and expand the Logging
- Configure the following settings:
Enable logging for these features | Select antivirus to enable logging for this feature. |
Log Level | Select the level of logging:
l Emergency: The system becomes unstable. l Alert: Immediate action is required. l Critical: Functionality is affected. l Error: An error condition exists and functionality could be affected. l Warning: Functionality could be affected. l Notice: Information about normal events. l Information: General information about system operations. l Debug: Debug FortiClient. |
Log file | |
Export logs | Select to export logs to your local hard disk drive (HDD) in .log format. |
Clear logs | Select to clear all logs. You will be presented a confirmation window, select Yes to proceed. |
Configure Antivirus options
In standalone mode, you can configure additional settings for the Antivirus tab by using the File > Settings page. See Antivirus options on page 102.
In managed mode, Antivirus options are controlled by the profile assigned to the endpoint by FortiGate/EMS.
Having trouble configuring your Fortinet hardware or have some questions you need answered? Check Out The Fortinet Guru Youtube Channel! Want someone else to deal with it for you? Get some consulting from Fortinet GURU!