Endpoint Protection

Is there a better way to monitor the status of infected computers?

• Currently, the overall infection status of a computer is listed in Monitors --> Logs --> Computer Status.
• The details of what action was taken is listed under Monitors --> Logs --> Risk.
• However to clear the infection status, you have to go bck to Monitors --> Logs --> Computer Status.

So basically let's say SEP detected a virus on a client and successfully deleted it. As an admin, I get notification in the SEPM Console that the computer is infected. I need to go to the Risk Logs to search for that specific computer and figure out what action SEP took on the risk. Then if I determine the computer is okay, I need to go to the Computer Status Logs in order to clear the infection status from the comptuer.

Is there an easier way to do this without so much bouncing around? (Too bad the "details" view in the Computer Status Logs doesn't indicate what action was taken on the risk.)

Thanks!

You can go to
monitors - logs - computers
click on advanced at the bottom
click on compliance option.
check infected only
select the entry, you will get those infected and you can clear it here. hope this helps.

@Rafeeq,

That still doesn't give me one location to view what action was taken on the risk, and then allow me to clear it, without bouncing around. We have tens of thousands of clients, so unfortunately switching views and drilling down to specific computers can sometimes take a little effort.

I agree. There needs to be a better way. I had hoped this would have been added to RU5.