Endpoint Encryption

Hi,

I have checked the option "Delete clients that have not connected for specified time" in SEPM (12.1.1101.401 - RU1 MP1).

Now I have to find clients that were installed and deleted later (because they have not connected for specified time). How can I get a list of clients that were deleted during some period?

Thanks,

Lubos

Hi,

Check this thread and mithun Comments

https://www-secure.symantec.com/connect/forums/report-clients-not-contacting-sepm-server#comment-7999571

Finding Clients with SEP clients and not reporting to the SEPM.

In this case, check the Articles below:

How to create a SEPM Custom Scheduled Report for Offline SEP Clients.

http://www.symantec.com/docs/TECH175948

Finding offline computers

http://www.symantec.com/docs/HOWTO81330

Hi Ashish Sharma,

This is not exactly what I need. I understand that I cannot find a SEP client that was installed in past, then automatically deleted from SEPM database due to long inactivity and has not connected to the network anymore.

However, thank you very much for valuable links about finding offline clients and finding clients without SEP.

Best regards,

Lubos

Yes this option are not available in sepm you can raised idea for same

https://www-secure.symantec.com/connect/security/ideas

If installed using an offbox database, you may be able to cobble a sql script to grab this info for you.

The below article provides information on the SEP database schema to help you out:

http://www.symantec.com/docs/DOC4324

I reckon the LASTCHECKINTIME db field name in the Inventory Report schema might be handy here, or the DELETED flag under SEM Agent schema perhaps.

Also, you've posted in the Encryption forums.  You will get a better response and coverage if you were to put this in the endpoint protection forums instead.  You never know, maybe someone already has a script ready to go