View the threat scan queue

When threat scan requests have been submitted to a third-party malware scanning integration, the requests are queued so as not to overload system resources. You can view the status of queued requests, as needed. In the list of queued scans, each scan includes an automatically-generated scan name that identifies the file, hash value, URL, or IP address that was scanned.

Before you begin

Role required: sn_ti.admin

Procedure

  1. Navigate to Threat Intelligence > Threat Scanning > Scan Queue.
    All scan requests that have been submitted are shown in a list. The State column shows the current state of each queued entry. A state of Complete indicates that the scan has left the queue. It does not necessarily indicate that the scan has completed processing. When the scans have been completed or if they failed, the Processing column will show the appropriate work notes text.
    Note: If a hash value was submitted for scanning and the scanner fails to find a result, the State shows Complete and the work note in the Processing column will indicate Unknown.
  2. After a scan has finished processing, click a queued record to view details for the scan request.