Downloaded files

The Downloaded files widget provides an overview of the number of files that were downloaded in the monitored network. The graph is a daily histogram of downloaded files, grouped by high level file type.

You can filter the graph using the Files pull-down menu by selecting from All files, Files uploaded for analysis (the default), or Malicious files.

• All files selects every file observed by the Sensor.

• Files uploaded for analysis selects those files that have been observed by the Sensor and that have not discarded by the pre-filter, resulting in an upload for analysis.

• Malicious files are files that were uploaded for analysis and have been found to be malicious (impact score of 70 or above).

You can also filter the graph by selecting Total number or Unique files (the default) from the pull-down menu to the right.

The displayed file types are:

• Archive — Archive formats such as ZIP or RAR

• Document — Includes other types of Office documents

• Executable — Binary program formats such as Windows Portable Executable

• Java — Java application or applet

• Media — Macromedia (Adobe) Flash file

• Other — Other recognized file format

• PDF — Portable Document Format files

• Script — An executable script such as JavaScript, Python, and others

• Unknown — Unknown file type

Hovering over a section of the histogram shows the specific date, type of file, and the number of files.

Clicking on the legend can show or hide different file types in the graph.