Antivirus Logs
This form, available with a dedicated licence, allows consultation and analysis of security logs generated by antivirus engines integrated with BusinessLog.
Within the settings, MS Defender log collection can be enabled or disabled.


The following antivirus engines are currently supported:
- Microsoft Defender (native integration)
- ESET (via Syslog)
- Bitdefender (via Syslog)
The interface offers a structured overview of detected threats, policy modifications, and antivirus actions executed on monitored systems.
Explain the selected log
This function uses an AI-powered semantic analysis engine to automatically interpret the content of a single Syslog event.
The system analyzes the message and provides a detailed explanation divided into sections:
- What happened: describes the detected event in natural language, indicating the user, device, and technical context (e.g., accesses, errors, or modifications).
- Why it matters: explains the relevance of the event, highlighting risks, vulnerabilities, or security implications.
- Actions: suggests recommended checks or verifications for managing the event or resolving the issue.
When specific information is not available for a given event, the Wiki tab displays the technical details of the event ID, along with possible alternative actions or suggestions for further investigation.


The explanation can be printed or saved using the commands available at the bottom of the window.
AI Analysis
With a dedicated licence, the [AI Analysis] button is available in the log grids.
Up to 100 events can be sent to the AI engine, which analyses them to identify critical or suspicious logs and provides a contextual evaluation that is easy to understand, even for non-expert users.
The purpose is to support interpretation of security logs and accelerate the identification of potentially risky actions.
If more than 100 events are selected, only the first 100 are processed.
The generated report can be printed and exported.
