BlueCoat Content Analysis

Applies To: Bluecoat Content Analysis 1.3 or above

Overview

Bluecoat Content Analysis is a next-generation anti-virus, malware, and spyware detection system. Content Analysis includes features such as Malware and Antivirus scanning, Static Analysis services from Cylance, File Reputation Service, Manual File Blacklist and Whitelist, and Sandbox integration with Blue Coat's Malware Analysis.

EventTracker is an enterprise-class platform that seamlessly combines SIEM, Log Management, File Integrity Monitoring, machine analytics and so forth.

EventTracker Knowledge Pack for Bluecoat Content Analysis allows you to monitor the following components:

- Security: Threat detection
- Operation: File scan results

Once Bluecoat Content Analysis is configured to deliver events to EventTracker Manager, Alerts, Knowledge objects and reports can be configured into EventTracker. Some of the Knowledge Packs available in EventTracker are listed below. For more information, please refer to the Integration Guide.

Security

Alerts

- Bluecoat Content Analysis: Threat detected – This alert is generated when threats are detected while scanning.

Reports

- Bluecoat Content Analysis - Threat detected – This report provides information about threats detected while scanning.

Operation

Alerts

- Bluecoat Content Analysis: File blocked – This alert is generated when files are blocked by antivirus.

Reports

- Bluecoat Content Analysis - File activity – This report provides information about the file scan result, reputation and the action taken.

Scope

The configurations detailed in this guide are consistent with EventTracker version 9.x and later, and Bluecoat Content Analysis 1.3 or above.

Documentation

For more information, please refer to the Bluecoat Content Analysis Integration guide.