Skip Navigation

CylanceAVERT
events

Data exfiltration events are saved and listed on the
CylanceAVERT
events page.
CylanceAVERT
events are stored in the events list for 30 days. When a data exfiltration event occurs, a new list item will be added to the events list displaying the following information:
Item
Description
Detection Time
This is the date and time that the exfiltration event occurred.
Device
This is the device name of the device where the exfiltration event was found.
User
This is the first name, last name, email, department, and title of the user who committed the exfiltration event. You can click the link to view the user details page.
Activity
This is the type of activity that
CylanceAVERT
tagged as a data exfiltration event. The possible values are web, email, and USB.
Location
This is the location that the sensitive data was uploaded to. The value of this is dependent on the type of upload that occurred (website root domain, email domains and recipients, location of copied USB files).
Files
This is the number of files involved in the event. You can click the link to view the file details page. Multiple files may be associated with an exfiltration event.
Policy
This is the number of
CylanceAVERT
user policies that were violated. Multiple policies may be associated with an exfiltration event.
Data Type
This is the number of keyword or regular expression that were met to trigger the
CylanceAVERT
event.