The end of my report says the following:
'Download insight detected a potentially malicious file, and a user chose to allow the file. For more information about the event that triggered this notification, see the Monitors page, Logs tab, and select the Risks log type. Click Advanced Settings and filter on the Event Type "Applicaiton Allowed" to see user-allowed downloads. You gan also see the Reports page, Quick Reports tab; select the Risk Report type and run the "Download Risk Distributions" report.
I contacted support on the above. The first individual thought i was a bug, the second said it was by design,
Here is my problem: 1.) I have no events whatsoever logged. We have a clean system.
2.) The option filter on "Application Alowed" is very misleading. Even after selecting advanced, this is not a selectable item.
My incident: '06659538'.
Thanks,
Todd