Endpoint Protection

 View Only

  • 1.  risk report

    Posted Jun 10, 2013 11:05 PM

    I can see the risk event in Monitor -> Risk Log in the past month
    But there is no data when click Report -> Risk -> create report. Please refer to the attachment. May I know why ?



  • 2.  RE: risk report

    Broadcom Employee
    Posted Jun 10, 2013 11:41 PM

    looks like there is filter set for report. can you check if it's the case?

     



  • 3.  RE: risk report

    Posted Jun 11, 2013 02:47 AM
    Hello, Please let me know which version of sepm u are using.


  • 4.  RE: risk report

    Posted Jun 11, 2013 03:29 AM

    Yes there must be a filter set under advanced settings of your risk report.



  • 5.  RE: risk report

    Posted Jun 11, 2013 07:01 AM

    Hi SymQNA,

    This is actually normal.  The Infected and At Risk Computers report is not the same thing as the Risk log.  They have two separate functions.

    A computer only gets into the Infected and At Risk Computers if it was infected -- if a virus made it onto the computer's hard drive. (The Infected status can be cleared for that computer in SEPM, once it is clean).

    The Risk log will show any computer that has been attacked by any virus within the specified time frame. This log includes entries if SEP successfully protected the computer and stopped the virus from getting onto the computer.

    Hope this helps!  &: )

    Mick



  • 6.  RE: risk report

    Broadcom Employee
    Posted Jun 11, 2013 10:59 AM

    Hi,

    Thank you for posting your query in Symantec community.

    You can refer these articles to learn more about it.

    About the different types of Symantec Endpoint Protection Manager Reports

    http://www.symantec.com/docs/TECH95538

    Risk Displays information about risk events on your management servers and their clients. It includes information about TruScan proactive threat scans.

    About Computer Status reports and logs

    http://www.symantec.com/docs/TECH95541



  • 7.  RE: risk report

    Trusted Advisor
    Posted Jun 11, 2013 01:58 PM

    Hello,

    I agree with Mick's comment.

    This is actually normal.  The Infected and At Risk Computers report is not the same thing as the Risk log.  They have two separate functions.

    Monitor >> Risk Logs 

    The Risk log contains information about risk events. Available information includes the event time, event actual action, user name, computer/domain, risk name/source, count, and file/path.

    Check this Article:

    About log types

    Reports >> Risk Reports

    Displays information about risk events on your management servers and their clients. It includes information about TruScan proactive threat scans.

    Infected and At Risk Computers

    This report consists of two tables. One table lists computers that have a virus infection. The other table lists the computers that have a security risk that has not yet been remediated.

    Check this Article:

    About the different types of Symantec Endpoint Protection Manager Reports

    http://www.symantec.com/docs/TECH95538

    Hope that helps!!