Skip to main content

Check out Interactive Visual Stories to gain hands-on experience with the SSE product features. Click here.

Skyhigh Security

Elements of a logging rule

A logging rule handles the writing of log file entries into a particular log. Its elements are of the same types as with other rules.


Write Found Viruses Log

Criteria Action Events
Antimalware.Infected equals true Continue

Set User-Defined.LogLine =

+ DateTime.ToWebReporterString

+ “ ””

+ Authentication.Username

+ “ ”

+ String.ReplaceIf Equals (IP.ToString(Client.IP), ““”, “-”)

+ ““ ””

+ List.OfString.ToString (Antimalware.VirusNames)

+ ““ ””


+ ““”

(User-Defined.logLine)<Found Viruses Log>

The elements of this rule have the following meanings:

  • Criteria — Antimalware.Infected equals true 
    The criteria of the rule uses the Antimalware.Infected property. It is matched when the value of this property is true. This means that the rule applies when a filtered object is infected.
  • Action — Continue
    When the rule applies, it executes the Continue action. This action lets processing continue with the next rule after the events of the current rule have also been executed.
  • Events — When the rule applies, it also executes two events:
    • Set User-Defined.logLine = ... Sets the parameter values that are logged.
      These values are as follows:
    • FileSystemLogging.WriteLogEntry ... Executes the write event.
      The entry that is to be written and the log file it is written into are specified with the event:
      • (User-Defined.logLine) — Event parameter specifying the entry.
        This is a log file line with the parameter values that have been set by the other event of the rule.
      • <Found Viruses Log> — Event settings specifying the log file.
  • Was this article helpful?