> Essential > Monitor Backups > Threat Indicators Dashboard > Backup Size Anomalies

Threat Indicators - Backup Size Anomalies for Virtual Machines

The Backup size tab in the Threat Indicators dashboard lists virtual machines with backup size anomalies.

Clicking a VM opens the Backup Size Anomalies Report, which allows you to analyze the statistics for that VM.

Note

  • VMs must have file indexing enabled and must be running Indexing Version 2.

  • The backup plan for VMs must be configured to use deduplication.

  • At least 10 incremental backup jobs must be run before the system can automatically detect anomalies.

Backup Size Tab

Column

Description

Name

The virtual machine.

When you click the VM, the Backup Size Anomalies Report appears (see below), which allows you to analyze the statistics for that VM.

Indicators

The type of anomalous file activity discovered (that is, Backup size).

Data written

The total size of the data written during the backup.

Detected time

The time when the anomaly was detected.

Server type

The type of server identified.

Tags

Audit tags that you can use to record actions.

Actions

Click the action button action_button, and then select one of the following options:

  • Details: Open the Backup Size Report (see below).

  • Clear anomaly: Remove the VM that has unusual backup activity from the list in the table.

  • Manage tags: Add or remove a tag. For more information, see Managing Tags.

  • Recover VM: Recover the full virtual machine.

Backup Size Anomalies Report

Click a VM name in the Backup Size tab to open the Backup Size Anomalies Report for VM backup size anomalies.

The report is divided into the following sections: Backup Size chart and Files Backed Up table.

Note

To list all jobs for the VM, click Jobs in the upper right corner of the Backup Size Anomalies Report.

Backup Size Chart

The Backup Size chart displays the amount of data written for the last 7 backup jobs, along with a system-defined threshold (dashed line).

The following image is an example of the Backup Size chart for VM backup size anomalies:

Threat Indicators report for size-related anomalies - VM

Files Backed Up Table

Click a Job ID in the lower part of the Backup Size chart to populate the Files Backed Up table.

The Files Backed Up table is comprised of detailed information about the size of affected backup job files in the virtual machine, categorized into three tabs: Created, Modified, and Deleted.

The following image is an example of the Files Backed Up table for VM backup size anomalies:

embd_report description Unusual File Activity Report for File-Related Anomalies (1)

Note

To restore a path that has unusual file activity, select the checkbox of the path in the Files Backed Up table, and then click Restore.

The following table includes descriptions for all columns in the Files Backed Up table for VM backup size anomalies.

Column

Description

File Name

The name of the backed up file for the selected Job ID.

Path

The path to the folder that contains the backed up file.

Size

The size of the backed up file.

Loading...