The Active Block Rules page in the Malwarebytes Nebula console lists the events where someone has attempted to log in to your managed Windows™ endpoints via Remote Desktop Protocol (RDP).
To view this page, log into Malwarebytes Nebula and select Active Block Rules from the left navigation pane. This article explains how to sort and export data, and how to restore access to an endpoint.
Sort data in the results list
You can customize data in the results list in the following ways:
- Click the the Select columns icon above the results list to choose which columns to display.
- Drag and drop certain column headers to the results bar to group data by those parameters.
- Use the filters in the column headers to view specific data.
- Hover your cursor over a column header to reveal a hamburger icon with options to pin and auto-size columns.
To download data to your local machine:
- Select all or check specific boxes for the rows you want to export.
- At the top-right of the Active Block Rules page, click Export.
Restore access to an endpoint
To restore access to an endpoint user, delete the block rule from your Nebula console. You must have the Nebula console Super Admin or Administrator role to delete block rules:
- Check the box for one or more endpoints.
- At the top-right of the Active Block Rules page, click Delete.
- A confirmation dialog displays. Click Yes to remove the block rule on that endpoint.
Return to the Malwarebytes Nebula platform Administrator Guide.