Video Screencast Help
Protect Your POS Environment Against Retail Data Breaches. Learn More.

Real time data from a Managed Software Delivery

Created: 14 Jan 2013 | 19 comments

I'm new to SMP 7.1 and I have a question reqarding real time data from a Managed Software Delivery.

I have an application that I need to deploy to 5,000 computers.  I've created the Software Release with the appropriate detection rule.  What report can I run five minutes after the start of the deployment to know which computers have it installed?

Comments 19 CommentsJump to latest comment

andykn101's picture

Right click on the Policy > Actions > Software Execution Report.

Authorised Symantec Consultant (ASC) with Endpoint Management Limited, an Authorised Symantec Delivery Provider based in the UK.

Connect Etiquette: Please "Mark as Solution" posts that fix your problem.

ArthurV's picture

Is there anything else besides exit codes?  Does the "Detection Rule" check send information to the server?    Is there a report I can run 10 minutes after turning on the policy that can show me which computers are compliant?  I feel this is a much better way of determining if the appliation I deployed is actually installed.  

Dmitri Dragunov's picture

Right click on the Policy > Actions > Software Compliance Report.

 

Also you may check in Reports -> Software -> Delivery -> Execution Status report

 

ArthurV's picture

I believe Software Compliance Report is what I am looking for.  Is there a way to run the report against the Target audience that my Managed Software delivery is pointing to?

mclemson's picture

Yes, you can use the Detection Check as part of a Targeted Software Inventory.  This will tell you who already has the software installed.  You can schedule it to run 5, 15, 30 minutes after your policy.

Mike Clemson, Senior Systems Engineer, ASC
Intuitive Technology Group -- Symantec Platinum Partner
intuitivetech.com

ArthurV's picture

Thank you for the suggestion.  Is ther any documention on how to perform a Detection Check as part of a Targeted Software Inventory?

mclemson's picture

"About targeted software inventory"
http://www.symantec.com/docs/HOWTO63543

"Running a targeted software inventory"
http://www.symantec.com/docs/HOWTO63544

Once created, you can right-click on it and choose a Report to view the results.
 

Mike Clemson, Senior Systems Engineer, ASC
Intuitive Technology Group -- Symantec Platinum Partner
intuitivetech.com

ArthurV's picture

Thank your for the HOWTO articles.  

I created a targeted software inventory policy.  Policy ran on the client and it shows 'Not Compliant' on the Agent.  When I run a report, it shows 'In Compliance'.  How long does it for the report to show 'Not Compliant'?

When I go to Software Releases, click on the software I ran the inventory againts, that computer is NOT listed under 'Computer with software installed'.  This is working as designed.

mclemson's picture

What report?  Can you post a screenshot of the client GUI, the report result?  'Computer with Software Installed' is populated by Add/Remove Programs software inventory, which you're running on some sort of schedule.

Mike Clemson, Senior Systems Engineer, ASC
Intuitive Technology Group -- Symantec Platinum Partner
intuitivetech.com

ArthurV's picture

First screenshot is from the Agent.

Second screenshot is when I right click the 'Adobe AIR Targeted Software Inventory', go to Reports, then click on 'Software Compliance Report'.

Third screenshot is from Software Release.

mclemson's picture

I'm perplexed.  Has this improved at all after a day or two, perhaps because of an overnight or daily scheduled task on the NS?

Mike Clemson, Senior Systems Engineer, ASC
Intuitive Technology Group -- Symantec Platinum Partner
intuitivetech.com

ArthurV's picture

I opened a ticket with support and determined that the 'Target Software Inventory' is NOT used to gather compliance.  The link below will show you which report you can run to see the results.

http://www.symantec.com/docs/HOWTO63543
mclemson's picture

Right, this populates the Installed Software report and the InstalledSoftware data class.  Based on what you've said, it looks like your detection rule is not written correctly.  Can you provide a screenshot of the detection rule you've created?

Mike Clemson, Senior Systems Engineer, ASC
Intuitive Technology Group -- Symantec Platinum Partner
intuitivetech.com

ArthurV's picture

The detection rule is correct, beause it properly displays the correct status on the Agent.  The Targeted Software Inventory does NOT write the Compliance Status to the DB.

Andrew_Shishkov's picture

Hi Arthur,

 

As far as I can see Targeted Software Inventory writes the Compliance Status to the DB (check Inv_Policy_Compliance_Status table), but it is not shown in Software Compliance reports. Now only information from Managed Delivery policies shown there which in my opinion is not correct.

BTW - why you are trying to use Targeted Software Inventory instead of relying on information from Managed Software Deliveries in the same report?

 

Thanks,

Andrew.

 

ArthurV's picture

I read somewhere that I can use Targeted Software Inventory to gather Inventory on a software that doesn't have a Managed Sofware Delivery Policy.

Andrew_Shishkov's picture

You can do it, but currently information gathered by Targeted Software Inventory not reflected in Software Compliance report (since Software Compliance reports intended to show software delivery status, not inventory information).

If you want to get information about all software installed on the clients, I suggest to use not Targeted Software Inventory, but usual Inventory policy. Targeted Software Inventory can help you in case you only want to get information about some particular software, but in this case you should use Installed Software report to see results of the inventory, not Software Compliance report.

If you want to collect information about installed software as a preparation step to software delivery, then I suggest to create Managed Software Delivery policy unchecking "If software is not found, install it:" checkbox. In this case Software Compliance report will shown the output and later you will be able to deliver the software just by checking this checkbox.

Thanks,
Andrew.

Thomas B.'s picture

I am also new to SMP 7.1 and almost have the same inquiries as ArthurV.

My problem is, that I want to use the compliance report for managed software delivery, which doesn´t match with the inventory status.

An example:

Firefox 22.0 is installed on 200 PC´s (according to "Reports -- All Reports -- Discovery and Inventory -- Inventory -- cross-platform -- software -- installed software)

In contrast, only 100 PC´s have the status "conform" when checking Firefox 22.0 compliance ("Reports -- All Reports -- Software -- Software Compliance by managed software delivery policy")

So why is there such a difference between compliance status and software installed reports?

I have already checked

http://www.symantec.com/business/support/index?pag... +

http://www.symantec.com/docs/HOWTO63543
http://www.symantec.com/docs/HOWTO63544

@Andrew: Thanks for your helpful comments. My question to you: If information gathered by targeted Software Inventory can not reflected in Software Compliance report, how can I can gather information for Software Compliance reports? Is there any task or trigger?

Thanks for any help.

Thomas

 

BTW: Inventory Task are running once per week (Delta software inventory) and once per month (full  inventory). Managed software delivery policies are running successfully with (selfmade) targeted software inventory rules.

We have forced last night a full inventory task for all PC´s - unfortunatly with the result, that the software compliance report have not changed a bit.