Video Screencast Help

Creating report for SEP client only when there is issue ?

Created: 02 Sep 2012 • Updated: 07 Sep 2012 | 5 comments
This issue has been solved. See solution.

Hi,

In order to reduce email noise that we normally receive, how can I configure SEPM server to only email me when there is applicable components (servers and workstations/laptops) are NOT protected with AV, any periodic scans not running and not having the latest definition ?

Comments 5 CommentsJump to latest comment

Ashish-Sharma's picture

Report not having the latest definition

It help you to find the old defintion systems with hostanme/ip address.

Steps are below

Open and login to the SEPM
 
Click Monitors

Click Notifications

Click Notification Conditions
 
Click Add
 
Select "Virus definitions out-of-date"

Enter the notification name(eg- old defintion)

Select condition (eg- 3 computers with virus definitions older than 2 and so on days )

Add your email id here.

 Not Protect In AV one of IDEA already raised by Mithun.

Notification Alert as soon as SEP clients which were once reporting to SEPM goes offline

http://www.symantec.com/connect/ideas/notification-alert-soon-sep-clients-which-were-once-reporting-sepm-goes-offline

 

Thanks In Advance

Ashish Sharma

 

 

pete_4u2002's picture

in the report tab there are templates available, can you check if those are the one that you looking for. If not suggest the report.

Mithun Sanghavi's picture

Hello,

Check these Articles:

How to create a SEPM Custom Scheduled Report for Offline SEP Clients.

http://www.symantec.com/docs/TECH175948

About log types http://www.symantec.com/docs/HOWTO27271

About the different types of Symantec Endpoint Protection Manager Reports

http://www.symantec.com/docs/TECH95538

About Computer Status reports and logs http://www.symantec.com/docs/TECH95541

Saving and deleting filters http://www.symantec.com/docs/HOWTO27267

Hope that helps!!

Mithun Sanghavi
Senior Consultant
MIM | MCSA | MCTS | STS | SSE | SSE+ | ITIL v3

Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.

SOLUTION
Chetan Savade's picture

Hi,

There are two weekly scheduled reports & seven pre-defined notifications configured by Symantec.

Schedule Reports: SEPM --> Reports --> Scheduled Reports

 

Notification location:

SEPM--> Monitors--> Notifications --> View Notifications --> Notifications Conditions

If you wish you can delete these notifications & reports however it's not recommended.

Notifications are trigger only when there is a problem.

Check whether do you have any extra reports and notifications configured? if not required delete them.

Check which reports are creating extra noise & tune it them as per business requirement.

Those reports are commonly required by Company System admin's so Symantec is giving as a pre-defined.

 

Chetan Savade
Sr Technical Support Engineer, Endpoint Security
Enterprise Technical Support
CCNA | CCNP | MCSE | SCTS |

Don't forget to mark your thread as 'SOLVED' with the answer that best helps you.<

John Santana's picture

Cool,

Many thanks for the advice and help guys.

Kind regards,

John Santana
IT Professional

--------------------------------------------------

Please be nice to me as I'm newbie in this forum.