View exploit prevention events

Note: This feature will be unavailable if your license doesn't include Exploit Prevention.
If you use role-based administration, you must have the Exploit Prevention right to view exploit prevention events in Enterprise Console. For more information about role-based administration, see Managing roles and sub-estates.

To view exploit prevention events:

  1. On the Events menu, click Exploit Prevention..
    The Exploit Prevention - Event Viewer dialog box appears.
  2. In the Search period box, click the drop-down arrow, and select the period for which you want to display the events.
    You can either select a fixed period, for example, Within 24 hours, or select Custom and specify your own time period by selecting the starting and ending dates and times.
  3. If you want to view events for a certain User or Computer, enter the name in the respective field.
    If you leave the fields empty, events for all users and computers will be displayed.
    You can use wildcards in these fields. Use ? for any single character and * for any string of characters.
  4. If you want to view events associated with a certain type, in the Type field, click the drop-down arrow and select the type.
  5. Click Search to display a list of events.

You can export the list of exploit prevention events to a file. For details, see Export the list of events to a file.