Seqrite XDR generates alerts and you can see them all in XDR UI. You may require to Quarantine some of the alerted processes. To Quarantine the alerts, select the desired alert and click the Quarantine button available at the bottom of the right panel opened for the selected alert.
The quarantined files can be seen in the under the Reports section. Once you quarantine the file, it gets deposited to the Quarantined folder on sensors installed system.
To view the list of Quarantine files, click the Quarantined Files under Reports.
Here you can see the Quarantined files with the following details-
- File Name
- Hash
- Original File path
- Endpoint
- Alert ID
You can sort the list based on the time by choosing the Time sorter available at the right side of the grid.
To add filters to the Quarantined files’ list, click the Add button available near the filter search bar and you can choose the filters to see the desired files.
Note: To export the Quarantined file details, click ‘Export’ button.