SEP 11 Metrics Reporting
Hi All,
I'm wondering, does anyone know if there are "management level" metrics reports that can be run in SEP? I've looked through the reports, and they seem to list every virus, client, etc. in full detail. I'm looking for metrics reporting; total number of viruses found in a month, overall count of the types of viruses found, total number of network intrusions prevented, total number of machines cleaned, etc. For example, if I look under the "Risk" reports, choose "Infected and At Risk Computers," then choose a time range of "Past month," the report shows each individual system, with each individual virus...and apparently the list is too long because it ends with "The rows in this report have been limited to the maximum specified in your preferences."
Do any "rollup" type reports exist, or is it possible to create them? Thanks,
C. Nimmer
Comments
There is a "Full Report"
There is a "Full Report" option under some of the categories that will give you some of the information. I pull the information you are looking for from there and also go directly into the database in read only mode to export specific tables to manually gather additional information. I haven't had much luck getting detailed data on the firewall/ids components from the reporting interface yet.
If it helps I can get more information tomorrow on the specific reports I run to gather my statistics for our mangement team.
Log on to the SEP Manager
Log on to the SEP Manager Console
Go to Reports > Quick Reports
Report type : risk
Select a report: Comprehensive Risk Report
Time Range: Past month or Current month or whatever time range you choose.
Or you can have it sent to your email on a timely interval by clicking the Scheduled Reports tab.
“Your most unhappy customers are your greatest source of learning.”
Further to add to mon_raralio
You can also configure the comprehensiver risk report based on below mentioned risk types
Thanks and regards,
Nirav Mistry
Nirav Mistry
Mon_Raralio nailed it on the
Mon_Raralio nailed it on the head. That's what I get for trying to think about the settings without the window in front of me. :)
To expand on what scheduling this type of report do as Mon_raralio suggested:
Log on to the SEP Manager Console
Go to Reports > Quick Reports
Report type : risk
Select a report: Comprehensive Risk Report
Time Range: Past month or Current month or whatever time range you choose.
Before hitting Create Report, click Save Filter. Name the saved filter something logical to you.
Click the Scheduled Reports tab.
Click Add
Fill out the Report Name, Description.
Select the Report Type
Select the Comprehensive Risk Report
Select your Saved filter
Setup the schedule (Run Every)
Finally setup the report to be emailed directly to you.
Cheers
Awesome
Thanks all for the input, the comprehensive risk report is exactly what I was looking for! It will be scheduled posthaste :)
Hey jeffwichman, I would be interested in the tables\columns you pull your data from in SQL though...
Thanks again!
Get directly from SQL
@jeffwichman: I'm also interested on how to get the data directly from SQL assuming that it is embedded and what GUI client you'd suggest.
“Your most unhappy customers are your greatest source of learning.”
In response to the SQL
In response to the SQL statements... I was thinking of the SQL tables I use to get a better look at IDS alerts. However I am writing a new article to get some really good metrics/statistics from SEPM. It should be done by either Friday or Sunday.
Here is the first draft. I'm
Here is the first draft. I'm going to continue working on metrics from SEP over the next couple of months. I will update/create articles as I go. If anyone has ideas for metrics from SEPM let me know.
https://www-secure.symantec.com/connect/articles/metrics-using-data-sepm
Would you like to reply?
Login or Register to post your comment.