Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

List of clients automatically deleted from SEPM

Created: 21 Feb 2013 | 4 comments

Hi,

I have checked the option "Delete clients that have not connected for specified time" in SEPM (12.1.1101.401 - RU1 MP1).

Now I have to find clients that were installed and deleted later (because they have not connected for specified time). How can I get a list of clients that were deleted during some period?

Thanks,

Lubos

Operating Systems:

Comments 4 CommentsJump to latest comment

Ashish-Sharma's picture

Hi,

Check this thread and mithun Comments

https://www-secure.symantec.com/connect/forums/report-clients-not-contacting-sepm-server#comment-7999571

Finding Clients with SEP clients and not reporting to the SEPM.

In this case, check the Articles below:

How to create a SEPM Custom Scheduled Report for Offline SEP Clients.

http://www.symantec.com/docs/TECH175948

Finding offline computers

http://www.symantec.com/docs/HOWTO81330

Thanks In Advance

Ashish Sharma

 

 

Lubos DVORAK's picture

Hi Ashish Sharma,

This is not exactly what I need. I understand that I cannot find a SEP client that was installed in past, then automatically deleted from SEPM database due to long inactivity and has not connected to the network anymore.

However, thank you very much for valuable links about finding offline clients and finding clients without SEP.

Best regards,

Lubos

Ashish-Sharma's picture

Yes this option are not available in sepm you can raised idea for same

https://www-secure.symantec.com/connect/security/ideas

Thanks In Advance

Ashish Sharma

 

 

SMLatCST's picture

If installed using an offbox database, you may be able to cobble a sql script to grab this info for you.

The below article provides information on the SEP database schema to help you out:

http://www.symantec.com/docs/DOC4324

I reckon the LASTCHECKINTIME db field name in the Inventory Report schema might be handy here, or the DELETED flag under SEM Agent schema perhaps.

Also, you've posted in the Encryption forums.  You will get a better response and coverage if you were to put this in the endpoint protection forums instead.  You never know, maybe someone already has a script ready to go smiley