Endpoint Protection

 View Only

  • 1.  How to create a custom report in SEPM

    Posted Oct 02, 2009 11:38 AM
    I am trying to figure out how to create a custom report in SEPM. I can create a filter for what I want but the report I am trying to create does not exist.
    I am trying to schedule a report to email me usb logging log for a week at a time instead of the notification you get every time a file is written to a usb device.
    I have gotten as far as I can with the report type of Application and Device Control, select a report you only have 3 selections. I used top groups with most alerted application.
    I used a saved filter.
    What I get is a report that shows a pie chart with the Number of alerts and percent. Any suggestions?
    What I am looking to create is a report that shows me the data that the notification shows the following:
    Event Time Event Type
    Severity
    Number    		 Domain
    Server
    Group    		 Computer
    IP Address
    Operating System    		 Client User Name Rule Name
    Action    		 Caller process
    Target    		 Event Description


    Is there any way to create a custom report to do this? It would be a lot easier to look through a weekly or daily report than it is to open each and every email notification that is received daily.
    Also it is easier than having to log into the server and check all the event notifications. We have upper management asking for reports of this type.



  • 2.  RE: How to create a custom report in SEPM
    Best Answer

    Posted Oct 02, 2009 11:59 AM

    These may help


    Title: 'Creating notifications in the Symantec Endpoint Protection Manager'
    Document ID: 2009010512081748
    > Web URL: http://service1.symantec.com/support/ent-security.nsf/docid/2009010512081748?Open&seg=ent


    Title: 'Email Notifications for Application and Device Control events do not work'
    Document ID: 2008100215002548
    > Web URL: http://service1.symantec.com/support/ent-security.nsf/docid/2008100215002548?Open&seg=ent


    Title: 'How to create email notifications in the event of risk outbreak or virus definitions out-of date in Symantec Endpoint Protection Manager (SEPM)'
    Document ID: 2008032116480748
    > Web URL: http://service1.symantec.com/support/ent-security.nsf/docid/2008032116480748?Open&seg=ent
     



  • 3.  RE: How to create a custom report in SEPM

    Posted Oct 02, 2009 12:02 PM
    Hi,

           Please check this link.

    http://service1.symantec.com/support/ent-security.nsf/docid/2008061808582648