Solved

Malware detection log


  • Influencer
  • 90 comments

What does the deleted_files_...log indicate in the Malware detection log? Is Veeam removing files from the production server or the backups?


10 comments

Chris.Childerhose
  • Veeam Legend, Veeam Vanguard
  • 8512 comments
  • June 13, 2024

If I am not mistaken, that shows what it removes from the backups, not your production server. I would not see Veeam doing that, but it is a good indicator to run a scan on your servers too.


Chris.Childerhose
  • Veeam Legend, Veeam Vanguard
  • 8512 comments
  • Answer
  • June 13, 2024

You can also check this post on the community for a deep dive - Deep dive Inline Malware Detection | Veeam Community Resource Hub

  • Author
  • Influencer
  • 90 comments
  • June 13, 2024

Thanks. I can see so many .txt have been removed from username/appdata


Chris.Childerhose
  • Veeam Legend, Veeam Vanguard
  • 8512 comments
  • June 13, 2024

Also check this post for a better understanding and deep dive - Veeam Malware Detection – A Forensics & Analysis 'How-To' Guide | Veeam Community Resource Hub


coolsport00
  • Veeam Legend
  • 4153 comments
  • June 13, 2024

Hi @Nikks -

Great question! As this Forums post states, what this file is...and it’s new with the latest release by Veeam...is a new log file of all files which Veeam saw were deleted, raising a Malware event.

https://forums.veeam.com/veeam-backup-replication-f2/malware-detection-too-many-files-have-had-their-names-changed-t92081.html

“A log for deleted files has also been added with the previous patch”

The new release Release Notes also state this file is new:

https://www.veeam.com/kb4510

“Bulk Rename events will now create detailed logs with the list of affected files in the following location: C:\ProgramData\Veeam\Backup\Malware_Detection_Logs”

Hope that helps!


  • Author
  • Influencer
  • 90 comments
  • June 13, 2024

Got my answer, thank you all


Chris.Childerhose
  • Veeam Legend, Veeam Vanguard
  • 8512 comments
  • June 13, 2024
Nikks wrote:

Got my answer, thank you all

That is great. Please ensure to mark the answer from your thread that best helped you get the answer. Ensure it is the best answer so it will help others out.


coolsport00
  • Veeam Legend
  • 4153 comments
  • June 17, 2024

Hi @Nikks -

Glad to hear you got your answer, but was the post selected as "Best Answer" (my article Chris shared) really what provided you your answer? Just verifying because my article is in regards to Inline Entropy & the file you reference is for File System Analysis. I would think the Forums link & link to latest update Release Notes which both discuss the file & its purpose is what helped you out...but I could be wrong 😊

I just want to make sure others who may have the same question & see your post benefit. 


  • Author
  • Influencer
  • 90 comments
  • June 27, 2024

One question - when enabling inline scan, how do I scan data blocks, as most scanners just scan the file system? Is it done automatically by inline?


coolsport00
  • Veeam Legend
  • 4153 comments
  • June 27, 2024

Yes. It’s done by Veeam via the Proxies.

