Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

Monitors -> Notifications: Virus definitions out-of-date

Created: 13 Feb 2012 | 4 comments

We have 2 SEPM’s that are currently running 12.1 RU1.  OS 2008 R2 Standard.
Both are pointed at a single SQL 2008 database on another server with OS of 2008 R2 Standard.

I’ve setup email notifications for computers that have out of date definitions to go out to administrators of specific groups that have been imported into SEPM from Active Directory.  These notifications are working fine and initially the information was accurate.  Administrators have gone to the machines in question and they did have a problem, resolved it, and now in SEPM they show that they are working properly.  Other machines were old computer accounts in Active Directory and the accounts were deleted and this updated in the SEPM as well.  What we are seeing though is that the reports aren’t updating.  Repaired / deleted computers are still showing up on the reports even though they show that they are working or are no longer listed.  I did get a notice from one of our administrators that after several weeks some of the computers that were resolved did fall off of their list.  Why would it take so long for these reports to update?

Comments 4 CommentsJump to latest comment

mon_raralio's picture

Depending on the time the report was taken and the observed time period (past day, past week...etc.), the PC will either be present or not. This is helpful when looking at risk histories as well.

“Your most unhappy customers are your greatest source of learning.”

Chetan Savade's picture

Hi,

Try to delete existing notification, repair SEPM, create new notification.

New notification should have accurate data.

have you enabled SEP 12.1 database maintenance features ?

1) Truncate transaction logs

2) Rebuild indexes

Chetan Savade
Sr.Technical Support Engineer, Endpoint Security
Enterprise Technical Support
CCNA | CCNP | MCSE | SCTS |

Don't forget to mark your thread as 'SOLVED' with the answer that best helps you.<

Appel's picture

In the SEPM database properties I do have "Truncate the database transaction logs" set to every 4 hours.  Rebuild indexes is set to weekly on Sundays.  Both picks are checked.

I currently have around 100 notification’s configured and being sent to different companies that we manage so rebuilding a notification every time a computer issue is resolved is not a realistic resolution.

Chetan Savade's picture

Hi,

SQL database will have his own database maintenance schedule ?

If yes, uncheck both the pick which are checked.

It might happen due to SQL database inconsistency.

Chetan Savade
Sr.Technical Support Engineer, Endpoint Security
Enterprise Technical Support
CCNA | CCNP | MCSE | SCTS |

Don't forget to mark your thread as 'SOLVED' with the answer that best helps you.<