Endpoint Protection

 View Only

  • 1.  SEP 11 RU6 PP1 Linux Reporting Features

    Posted Mar 08, 2011 11:43 AM

    We have Linux systems using SAV for Linux 10 that we would like to configure to take advantage of the new RU6 MP2 PP1 feature which allows Linux clients to send their logs to the SEP servers, although centrally managing them is not available. I can not find any documentation or instructions on how to configure the linux clients to actually do this. So, how do we take advantage of the PP1 features and configure Linux clients to send their logs?



  • 2.  RE: SEP 11 RU6 PP1 Linux Reporting Features

    Posted Mar 08, 2011 12:17 PM

    do you have SSC installed which manages the SAV for linux? Unmanaged?

     

    How to forward Symantec Antivirus 10.x events to SSIM appliance using SEP 11 Manager



  • 3.  RE: SEP 11 RU6 PP1 Linux Reporting Features
    Best Answer

    Posted Mar 08, 2011 03:45 PM

    Symantec AntiVirus for Linux (SAVFL) Reporter 1.0.10 Release Notes
    http://www.symantec.com/docs/DOC3474

    I believe you must also enable the SEPM to accept legacy reporting:

    How to configure Symantec Endpoint Protection Manager to receive SAV 10.x logs
    http://www.symantec.com/docs/TECH105075

    sandra



  • 4.  RE: SEP 11 RU6 PP1 Linux Reporting Features

    Posted Mar 09, 2011 11:43 AM

    Sandra is correct, the release notes page contains a readme.txt file (as does the actual download) that has instructions for installation and configuration. You will need to enable legacy reporting on the SEPM as well.