Creating report for SEP client only when there is issue ?
Created: 02 Sep 2012 | Updated: 07 Sep 2012 | 5 comments
This issue has been solved. See solution.
Hi,
In order to reduce email noise that we normally receive, how can I configure SEPM server to only email me when there is applicable components (servers and workstations/laptops) are NOT protected with AV, any periodic scans not running and not having the latest definition ?
Discussion Filed Under:
Comments 5 Comments • Jump to latest comment
Report not having the latest definition
It help you to find the old defintion systems with hostanme/ip address.
Steps are below
Open and login to the SEPM
Click Monitors
Click Notifications
Click Notification Conditions
Click Add
Select "Virus definitions out-of-date"
Enter the notification name(eg- old defintion)
Select condition (eg- 3 computers with virus definitions older than 2 and so on days )
Add your email id here.
Not Protect In AV one of IDEA already raised by Mithun.
Notification Alert as soon as SEP clients which were once reporting to SEPM goes offline
http://www.symantec.com/connect/ideas/notification-alert-soon-sep-clients-which-were-once-reporting-sepm-goes-offline
Thanks In Advance
Ashish Sharma
SEPM Knowledgebase Documents
in the report tab there are templates available, can you check if those are the one that you looking for. If not suggest the report.
Cheers!
Pete
Help Link: http://www.symantec.com/business/support/overview.jsp?pid=54619
Hello,
Check these Articles:
How to create a SEPM Custom Scheduled Report for Offline SEP Clients.
http://www.symantec.com/docs/TECH175948
About log types http://www.symantec.com/docs/HOWTO27271
About the different types of Symantec Endpoint Protection Manager Reports
http://www.symantec.com/docs/TECH95538
About Computer Status reports and logs http://www.symantec.com/docs/TECH95541
Saving and deleting filters http://www.symantec.com/docs/HOWTO27267
Hope that helps!!
Mithun Sanghavi
Symantec Technical Support Engineer, SEP
MIM | MCSA | MCTS | STS | ITIL v3
Twitter: @mithun_sanghavi
Don't forget to mark your thread as 'SOLVED' with the answer that best helps you.<&a
Hi,
There are two weekly scheduled reports & seven pre-defined notifications configured by Symantec.
Schedule Reports: SEPM --> Reports --> Scheduled Reports
Notification location:
SEPM--> Monitors--> Notifications --> View Notifications --> Notifications Conditions
If you wish you can delete these notifications & reports however it's not recommended.
Notifications are trigger only when there is a problem.
Check whether do you have any extra reports and notifications configured? if not required delete them.
Check which reports are creating extra noise & tune it them as per business requirement.
Those reports are commonly required by Company System admin's so Symantec is giving as a pre-defined.
Chetan Savade
Technical Support Engineer, Endpoint Security
Enterprise Technical Support
CCNA | CCNP | MCSE | SCTS |
Don't forget to mark your thread as 'SOLVED' with the answer that best helps you.&
Cool,
Many thanks for the advice and help guys.
Kind regards,
John Santana
Graduate IT Professional
--------------------------------------------------
Please be nice to me as I'm newbie in this forum.
Would you like to reply?
Login or Register to post your comment.