Currently, there is no immediate notification when an antivirus action occurs on an endpoint. Huntress only reflects the activity after the file has already been quarantined, and the only way to see that action is by manually reviewing the agent’s AV results.

This creates a visibility gap. As an MSP, we should not have to manually check each endpoint to determine whether a quarantine or remediation action has taken place.