Property for Monitor and Log

The property dialog box about Monitor and Log records as following:

The first edit box will show the application's full path name and its properties, and it will verify the digital signature. Normally, the program signed by Microsoft or Filseclab is trusted file. The program is dangerous if it has no digital signature, no description, no product name, no company name and no file version.

The second edit box will show the record's fields of Monitor or Log, about the fields' explanation, please view here. In addition, the last field Rules description is the matched rule's description.

Operations

  • Kill Process: Kill the current process. The System cannot be killed, and Windows will be crashed if the kernel processes killed like services.exe, csrss.exe etc, the program will prompt you when you to kill the kernel process.
  • Find Target: Locate the application with Windows Explorer.
  • Create Rules: Build rule based on this packet's data, a menu will be popped up after you click this button and about the details please view here.
  • Resolve IP Address: To resolve the IP address and port to friendly name. Enable this option, it will automatically resolve current data, but the option's state is not saved, you need to click OK to save the state if you want to automatically resolve IP address when you to open the property dialog box. Note: To open the property dialog box may become slowly if you enable this option.

  • See Also
    Index Monitor Log Build Rules