Skip to main content

How can we help you?

Druva Documentation

Manage Scan Jobs

License editions: To understand the applicable license editions, see Plans & Pricing.

Overview

Whenever you trigger a restore with the Malicious File Scan option enabled, a scan job is initiated. You can monitor and manage all the scan jobs from the Scan Jobs page in Ransomware Recovery.

A Last Updated at timestamp is displayed beside the page heading to help you understand when the details of the page were last updated. 

For Endpoints, File Server, and NAS: Only after the scan job is complete, restore activity starts, clean files are restored, and all the malicious files are blocked.

For Virtual Machines: The file scan job is initiated after the restore job is complete. You must have a valid Accelerated Ransomware Recovery license enabled to use this feature.

You can view a summary of the scan job from the Scan Jobs page. 

You can cancel an ongoing job if you initiated the scan by mistake or no longer need to scan the data for malicious files.

Scan Jobs tab

The Scan Jobs tab provides an overview of all the Malicious File Scan jobs initiated for all the configured resources- Endpoints, File Backupsets (File Server and NAS), and Virtual Machines.

The following table provides information about the different sections within the Scan Jobs tab.

Fields Description
Summary section
Total File Scan Jobs

The total number of file scan jobs for all the configured resources- Endpoints, File Backupsets (File Server and NAS), and Virtual Machines.

Alternatively, you can also use the APIs to view these details. For more information, see Developer Portal.

Resource  Types  job count - Endpoints, FileBackupsets (File Server and NAS), and Virtual machines. The file scan job count for specific configured resources Endpoints, FileBackupsets (File Server and NAS), and Virtual machines. Click on the count to view all the file scan jobs for a specific resource in the Job Details listing section.

You can use the Scanjbs_filter.png icon to filter and view the scan jobs per your requirements. You can filter the scan jobs list based on the Resource Type, Status, and Start time criteria.

Click the Job ID to view the following job details:

Fields Description
Job Details section
Job ID The unique ID of the scan job.
Job Type Denoting that the job was Malicious File Scan.
Start Time The time when the scan was initiated.
End Time The time when the scan finished. If the job ended prematurely due to cancelation, or due to failure, this field displays that timestamp.
Product Job ID The ID of the restore job.

Resource Name

The name of the data source.

vCenter/ESXi Host The details of the host virtual machine. This field is only displayed when the resource type is a Sandbox virtual machine.
Resource Type The type of data source. Example: File Server.
User Name The name of the user to whom the endpoint belongs. This field is only displayed when the resource type is an endpoint.
Organization The name of the organization to which the server belongs. This field is only displayed when the resource type is a server. 
Status

The current status of the job. It can be any of the following:

  • Successful - The job completed successfully and you can view the details of the scanned files in the Scan Details section.

  • Failed - The job failed due to various reasons.

  • Canceled - The job was canceled by the administrator or an inSync Client user (in case of endpoints).

  • Queued - The job is yet to be processed. 

  • Running - The scanning is in progress. 

Created By The name of the administrator or inSync Client user who initiated the restore. 
Sandbox Recovered VM name The details of the restored Sandbox virtual machine. This field is only displayed when the resource type is a Sandbox virtual machine. 
Scan Details section: This content is applicable for Endpoints, File Server, and NAS resources.
Files Selected For Restore The total number of files that the administrator or an inSync Client user selected for this restore job.
Files Scanned The number of files scanned for this restore job.
Files Scan Skipped The number of files that were skipped during the scan. There can be various reasons for this such as file deleted midway through the scan, file corrupted, file path not accessible, and so on.
Files Blocked

The number of malicious files. Click the number to view the details of the malicious files and also download a CSV containing the file names and SHA1 value of each file. 

Use the Download File Report option to download and view the details of malicious files. The report is a zip CSV file that contains cumulative file details of malicious and skipped files.

 The Download File Report option is enabled when Druva encounters and displays a count of blocked files.

Scan Details section: This content is applicable for Sandbox virtual machines. 
Files Scan Skipped The number of files that were skipped during the scan. There can be various reasons for this such as a file being deleted midway through the scan, a file corrupted, a file path not accessible, and so on.
Files Scanned The number of files scanned for this restore job.
Malicious Files Found

The number of malicious files. Click the number to view the details of the malicious files and also download a CSV containing the file names and SHA1 value of each file. 

Use the Download File Report option to download and view the details of malicious files. The report is a zip CSV file that contains cumulative file details of malicious and skipped files.

 The Download File Report option is enabled when malicious files are identified and a count of malicious files is displayed. 

 

  • Was this article helpful?