Endpoint Protection

 View Only

  • 1.  old definition systems report

    Posted Mar 01, 2014 12:52 AM

    Any of the report which can show the old definition systems

    so i can track and update the systems with updated definitions and manitain the compliance target.



  • 2.  RE: old definition systems report
    Best Answer

    Posted Mar 01, 2014 12:55 AM

    You can create the daily notification for the same.

    Steps are below

    Open and login to the SEPM
     
    Click Monitors

    Click Notifications

    Click Notification Conditions
     
    Click Add
     
    Select "Virus definitions out-of-date"

    Enter the notification name(eg- old defintion)

    Select condition (eg- 3 computers with virus definitions older than 7 and so on days )

    Add your email id here.

    Option 2:

    You can export compuer status report also you can find out of defination report.

    Monitors -> logs -> computer status

    Option 3

    Some of Sql query availabled

    https://www-secure.symantec.com/connect/articles/compilation-sql-queries-sepm-database

    edit

    See this thread james comment

    https://www-secure.symantec.com/connect/forums/sepm-121-clients-old-definitions-report



  • 3.  RE: old definition systems report

    Posted Mar 01, 2014 01:05 AM

    You can export Computer status report.

     SEPM-->Monitors Tab-->Logs--Computer status logs

    Exporting a log report in Symantec Endpoint Protection Manager in .csv format

    http://www.symantec.com/docs/TECH179235

     

    Or

    SEP Client Information Query. Query result shows:
    ♦ SEP Computer name
    ♦ Installed SEP Version
    ♦ AV definition revision with the timestamp of the last update
    ♦ Assignement to SEPM Group
    ♦ Operating System
    ♦ Logged-on User
    ♦ MAC address
    ♦ IP address

    select i.computer_name
, agent_version
, pat.version as vd_version
, dateadd(s,convert(bigint,LAST_UPDATE_TIME)/1000,'01-01-1970 00:00:00') lastupdatetime
, g.name as group_name
, i.OPERATION_SYSTEM
, i.CURRENT_LOGIN_USER
, i.MAC_addr1
, i.ip_addr1_text
, i.DELETED
from sem_agent as sa with (nolock) left outer join pattern pat on sa.pattern_idx=pat.pattern_idx
inner join v_sem_computer i on i.computer_id=sa.computer_id
inner join identity_map g on g.id=sa.group_id
inner join identity_map p on p.id=sa.last_server_id
inner join identity_map s on s.id=sa.domain_id
inner join identity_map q on q.id=sa.last_site_id
where
(sa.agent_type='105' or sa.agent_type='151') and sa.deleted='0' and I.DELETED = 0
order by group_name, operation_system, i.COMPUTER_name

     

    Compilation of SQL queries to the SEPM database

    https://www-secure.symantec.com/connect/articles/compilation-sql-queries-sepm-database

    https://www-secure.symantec.com/connect/forums/sql-querys-database