dmgeurts Posted December 4, 2023 Share Posted December 4, 2023 So it turns out that if Malware is found in a user's OneDrive you get an alert. The issue is that there's no information included about which file or folder is affected or what type of malware was detected. Has anyone dealt with this? Does Nakivo exclude the affected files from the backup? How can one flag things if it's a false positive? I'm not a Windows person so any pointers on how to deal with malware on a user's OneDrive would be most welcome too. 1 Quote Link to comment Share on other sites More sharing options...
The Official Moderator Posted December 5, 2023 Share Posted December 5, 2023 23 hours ago, dmgeurts said: So it turns out that if Malware is found in a user's OneDrive you get an alert. The issue is that there's no information included about which file or folder is affected or what type of malware was detected. Has anyone dealt with this? Does Nakivo exclude the affected files from the backup? How can one flag things if it's a false positive? I'm not a Windows person so any pointers on how to deal with malware on a user's OneDrive would be most welcome too. @dmgeurts for a more thorough investigation, please follow these steps: 1) Enable Expert Mode: Navigate to Expert Mode: https://helpcenter.nakivo.com/User-Guide/Content/Settings/Expert-Mode.htm and activate 'system.debug.mode.enabled.' 2) Activate Debug Mode on Transporter: Access the transporter linked to the M365 repository and turn on debug mode. You can find details here: https://helpcenter.nakivo.com/User-Guide/Content/Settings/Nodes/Managing-Nodes/Editing-Nodes.htm 3) After completing these steps, rerun the job and generate a new support bundle, ensuring it includes the main database. Please describe the issue when sending the support bundle and mention your ticket number #230026. For details on creating a support bundle, refer to this page: https://helpcenter.nakivo.com/User-Guide/Content/Settings/Support-Bundles.htm Looking forward to hearing from you. Quote Link to comment Share on other sites More sharing options...
dmgeurts Posted December 6, 2023 Author Share Posted December 6, 2023 Is there any way of having this detail added to the messages in the Director? I'd hate to leave debugging turned on permanently to have visibility of this. 1 Quote Link to comment Share on other sites More sharing options...
The Official Moderator Posted December 6, 2023 Share Posted December 6, 2023 5 hours ago, dmgeurts said: Is there any way of having this detail added to the messages in the Director? I'd hate to leave debugging turned on permanently to have visibility of this. Hello, @dmgeurts We'll forward your request to our development team. To help our team understand your environment and solution plan, consider sending us a support bundle. For information on how to create and send a support bundle, please refer to: https://helpcenter.nakivo.com/User-Guide/Content/Settings/Support-Bundles.htm Quote Link to comment Share on other sites More sharing options...
dmgeurts Posted December 7, 2023 Author Share Posted December 7, 2023 Thank you. There should be a few support bundles on file already from other tickets this week. As a security admin, the request is pretty simple. Please include the following details in reports: Which files were found to contain malware What malware was detected As an extra, it would be great to have these reports emailed to a security team as they may not be the same people as the backup operators. But a good start would be to include a little more logging/detail in malware reports. 1 Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.