Endpoint Protection

 View Only

  • 1.  Creating report for SEP client only when there is issue ?

    Posted Sep 03, 2012 01:54 AM

    Hi,

    In order to reduce email noise that we normally receive, how can I configure SEPM server to only email me when there is applicable components (servers and workstations/laptops) are NOT protected with AV, any periodic scans not running and not having the latest definition ?



  • 2.  RE: Creating report for SEP client only when there is issue ?

    Posted Sep 03, 2012 02:22 AM

    Report not having the latest definition

    It help you to find the old defintion systems with hostanme/ip address.

    Steps are below

    Open and login to the SEPM
     
    Click Monitors

    Click Notifications

    Click Notification Conditions
     
    Click Add
     
    Select "Virus definitions out-of-date"

    Enter the notification name(eg- old defintion)

    Select condition (eg- 3 computers with virus definitions older than 2 and so on days )

    Add your email id here.

     Not Protect In AV one of IDEA already raised by Mithun.

    Notification Alert as soon as SEP clients which were once reporting to SEPM goes offline

    http://www.symantec.com/connect/ideas/notification-alert-soon-sep-clients-which-were-once-reporting-sepm-goes-offline

     



  • 3.  RE: Creating report for SEP client only when there is issue ?

    Broadcom Employee
    Posted Sep 03, 2012 02:28 AM

    in the report tab there are templates available, can you check if those are the one that you looking for. If not suggest the report.



  • 4.  RE: Creating report for SEP client only when there is issue ?
    Best Answer

    Trusted Advisor
    Posted Sep 03, 2012 02:41 AM

    Hello,

    Check these Articles:

    How to create a SEPM Custom Scheduled Report for Offline SEP Clients.

    http://www.symantec.com/docs/TECH175948

    About log types http://www.symantec.com/docs/HOWTO27271

    About the different types of Symantec Endpoint Protection Manager Reports

    http://www.symantec.com/docs/TECH95538

    About Computer Status reports and logs http://www.symantec.com/docs/TECH95541

    Saving and deleting filters http://www.symantec.com/docs/HOWTO27267

    Hope that helps!!



  • 5.  RE: Creating report for SEP client only when there is issue ?

    Broadcom Employee
    Posted Sep 03, 2012 08:09 AM

    Hi,

    There are two weekly scheduled reports & seven pre-defined notifications configured by Symantec.

    Schedule Reports: SEPM --> Reports --> Scheduled Reports

     

    Notification location:

    SEPM--> Monitors--> Notifications --> View Notifications --> Notifications Conditions

    If you wish you can delete these notifications & reports however it's not recommended.

    Notifications are trigger only when there is a problem.

    Check whether do you have any extra reports and notifications configured? if not required delete them.

    Check which reports are creating extra noise & tune it them as per business requirement.

    Those reports are commonly required by Company System admin's so Symantec is giving as a pre-defined.

     



  • 6.  RE: Creating report for SEP client only when there is issue ?

    Posted Sep 03, 2012 08:16 PM

    Cool,

    Many thanks for the advice and help guys.