...
Step 1 | From the UDMG Admin UI navigation pane, select Rules. The Rules list displays. | |||||
---|---|---|---|---|---|---|
Step 2 | Select a rule from the Rule list or create a new one. The Rule Details panel displays displays. | |||||
Step 3 | Scroll down to the Post-Tasks box on the Rule Details paneltab.
| |||||
Step 4 | Click Save icon (). | |||||
Step 5 | The rule is updated to include the ICAP task as part of the UDMG file transfer workflow. The task tab shows a green dot to indicate that a task is configured. — what task tab? shouldn't this be rule tab? | |||||
Step 6 | Proceed with attempting to transfer the EICAR Anti-Virus Test File. | |||||
Step 7 | After the file upload, it is transferred to the ICAP antivirus server during the post-task processing and stops in ERROR status. The Error Message indicates that an infection is found. If the ICAP antivirus server does not find an infection, then the transfer is considered complete with a successful status. | |||||
Step 8 | The infection error details can be forwarded to UAC as a universal event. See the Universal Event Integration documentation for the list of corrective actions that can be triggered by the Controller. | |||||
Step 9 | The scanning details from the interrogation to the ICAP antivirus server are kept as transfer metadata with the "udmg_icap" prefix. In particular, the X-headers show the type of infection as reported by the server. The scanning details can be displayed using the command line interface and the ‘transfer get’ command.
Or on the Info tab of the transfer details on UDMG Admin UI. The transfer log also shows an error with an infection detection. |
...