To view events that indicate a possible exploitation, create an Active View with a filter that has the Vulnerability value set to 1.
Within an event, the values in the Vulnerability field indicate the following:
1: the asset or destination device is possibly exploited.
0: the asset or destination device is not exploited.
NOTE:If the exploitdetection.csv file is not generated, the Vulnerability field is blank.
For more information on viewing events in Active Views, see Viewing Real-Time Events.
For trademark and copyright information, see Legal Notices.