Endpoint Protection

 View Only

  • 1.  Monitors -> Notifications: Virus definitions out-of-date

    Posted Feb 13, 2012 05:51 PM

    We have 2 SEPM’s that are currently running 12.1 RU1.  OS 2008 R2 Standard.
    Both are pointed at a single SQL 2008 database on another server with OS of 2008 R2 Standard.

    I’ve setup email notifications for computers that have out of date definitions to go out to administrators of specific groups that have been imported into SEPM from Active Directory.  These notifications are working fine and initially the information was accurate.  Administrators have gone to the machines in question and they did have a problem, resolved it, and now in SEPM they show that they are working properly.  Other machines were old computer accounts in Active Directory and the accounts were deleted and this updated in the SEPM as well.  What we are seeing though is that the reports aren’t updating.  Repaired / deleted computers are still showing up on the reports even though they show that they are working or are no longer listed.  I did get a notice from one of our administrators that after several weeks some of the computers that were resolved did fall off of their list.  Why would it take so long for these reports to update?



  • 2.  RE: Monitors -> Notifications: Virus definitions out-of-date

    Posted Feb 13, 2012 10:19 PM

    Depending on the time the report was taken and the observed time period (past day, past week...etc.), the PC will either be present or not. This is helpful when looking at risk histories as well.



  • 3.  RE: Monitors -> Notifications: Virus definitions out-of-date

    Broadcom Employee
    Posted Feb 14, 2012 09:57 AM

    Hi,

    Try to delete existing notification, repair SEPM, create new notification.

    New notification should have accurate data.

    have you enabled SEP 12.1 database maintenance features ?

    1) Truncate transaction logs

    2) Rebuild indexes



  • 4.  RE: Monitors -> Notifications: Virus definitions out-of-date

    Posted Feb 14, 2012 01:43 PM

    In the SEPM database properties I do have "Truncate the database transaction logs" set to every 4 hours.  Rebuild indexes is set to weekly on Sundays.  Both picks are checked.

    I currently have around 100 notification’s configured and being sent to different companies that we manage so rebuilding a notification every time a computer issue is resolved is not a realistic resolution.



  • 5.  RE: Monitors -> Notifications: Virus definitions out-of-date

    Broadcom Employee
    Posted Feb 15, 2012 08:52 AM

    Hi,

    SQL database will have his own database maintenance schedule ?

    If yes, uncheck both the pick which are checked.

    It might happen due to SQL database inconsistency.