Plain Text and Simple Reports
Created: 22 May 2012 | 4 comments
These emailed reports are driving me crazy. When I get a risk alert I want to immediately see a handful of information. I have zero interest in seeing pie graphs and charts. I hate having to scroll through long emails just to find the specific bits of info I need, on top of which sometimes it's a graphic and sometimes it's text in a small spreadsheet-like chart.
All I want is:
1 - name of PC
2 - IP address of PC
3 - timestamp of event
4 - name of detected file or process
5 - name of infection
I'm sure only three quarters of the time I spend looking at any given SEPM alert email is spent trying to find the details I've listed, but it always seems like more.
Is there any way to remedy this?
Marlin
So the lack of response means either 1) It's impossible in the current version, so shut up already. 2) It's so ridiculously easy that the question is foolish.
If 2) please provide a link whereby I can be educated and appreciate the silliness of my request.
Thanks!
Hi,
About log types
http://www.symantec.com/docs/HOWTO27271
About Computer Status reports and logs
http://www.symantec.com/docs/TECH95541
About the different types of Symantec Endpoint Protection Manager Reports
http://www.symantec.com/docs/TECH95538
Saving and deleting filters
http://www.symantec.com/docs/HOWTO27267
Customize the Logs / Reports
https://www-secure.symantec.com/connect/articles/how-export-virus-definition-and-client-information-excel-format
About log types
http://www.symantec.com/business/support/index?page=content&id=HOWTO27271
Metrics using data from SEPM
https://www-secure.symantec.com/connect/articles/metrics-using-data-sepm
Metrics using data from SEPM (Part2)
https://www-secure.symantec.com/connect/articles/metrics-using-data-sepm-part2
Metrics using data from SEPM (part three)
https://www-secure.symantec.com/connect/articles/metrics-using-data-sepm-part-three
Chetan Savade
Technical Support Engineer, Endpoint Security
Enterprise Technical Support
CCNA | CCNP | MCSE | SCTS |
Don't forget to mark your thread as 'SOLVED' with the answer that best helps you.
Thanks much for the reply! You've given me quite the list for further research. I'm looking forward to it.
I have since discovered a side effect of the html email alerts in that our SEPM's httpd.exe was acting wonky, taking lots of processor and not letting go mostly. Investigating this, I "discovered" the tomcat\temp folder which held over 81000 .png files going back almost exactly one year. Considering the average New Risk Alert email contains nine little pie charts, it's not that surprising to find the system was generating over 200 of these little graphics a day. I cleaned out all but the last ten days' worth, leaving only 2273 files in this temp directory.
Can't say yet that there's any direct causal link between the number of temp files and httpd's occasional acting out, but it occurs to me that if SEPM were generating plain text alerts, there'd have been no need for thousands of little graphics files nor .mht files.
Hi,
Ideally it should not keep 1-year-old logs. Could you check the SEPM log retention settings?
By default SEPM keeps 60 days of logs.
If settings are set to default then there would be something wrong with tomcat apache.
Chetan Savade
Technical Support Engineer, Endpoint Security
Enterprise Technical Support
CCNA | CCNP | MCSE | SCTS |
Don't forget to mark your thread as 'SOLVED' with the answer that best helps you.