Ctrlk
WebsiteLinkedIn

Notifications

Notifications are only available for Windows EndPoints.

Starting, stopping, or restarting the EVE Agent.

When starting, stopping, or restarting the EVE agent, the following notifications are displayed.

Network Connected: Emphasizing with green color both text and icon, it is expressed that the isolation process is disabled. The list of Allowed IPs shows the IP addresses configured on the Platform.

Network Connected Notification

Network Isolated: Emphasizing with red color in text and orange icon, it is expressed that the isolation process is enabled. The list of Allowed IPs shows the IP addresses configured on the Platform.

Network Isolated Notification

Sending an Emulation

When an Emulation is performed a Windows system notification will be displayed warning that a new Emulation task has been received.

Emulation Task Received

When an emulation is performed, a window with details about the emulation will be displayed.

Emulation Status Window

  1. Displays the type of emulation being performed.

    • Network: Emulation performed only to evaluate the network vector.

    • Endpoint: Emulation performed to evaluate the network vector and EndPoint.

    • Execution Emulation conducted to evaluate all three vectors. See Emulation Vectors.

  2. Name of the emulation configured in the Platform.

  3. Actual vector: indicates in which stage of evaluation is the emulation, depending on the vectors.

  4. Status: Actions being carried out now.

  5. Notification: Refers to the Emulation States.

  6. Status per vector. Indicates the set evaluation time for each vector. The status bar fills up depending on the configured time.

  7. Second status indicator. First it shows the countdown time for each vector involved in the emulation. At the end it will display a message:

    • Mission Complete: The emulation was successful, i.e., all the artifacts in the package were executed.

    • Errors. It will show details on why the emulation was not successful.

Isolation Logs request

When an Isolation Logs request is made, the following messages are displayed on the Endpoint.

Window showing the list of available Isolation Logs.
System Notification

Downloading Isolation Logs

When downloading one of the files from the Isolation Logs list, the following messages are displayed on the Endpoint.

File Downloaded
System Notification

Isolation Group Updates

When making changes to the Isolation Group Policy the following notification are displayed.

System Notification

Agent Logs

When obtaining the Agent Logs the following notification are displayed.

Logs Availability
System Notification

IOC Validation

When performing IoC Validation the following messages are displayed on the endpoint.

IOCs Emulated
System Notification

Custom Scripts

When performing performing Script Emulations, the following messages are displayed on the endpoint.

Sctipts Emulated
System Notification
PreviousControlsNextIsolation

Last updated