SEPM no longer receiving risk logs
Hey guys,
I have 32,000 endpoints in my SEPM 11.0.5 Environment. On a weekly basis, I get thousands of risk detections; mostly remediated successfully. For whatever reason, those Risk Events have stopped coming to my SEPM and I am not sure why. Computer Status logs still come from the clients, Risk ones do not, and that is what I pay attention to more. Becuase of this the Risk Detection dashboard on my SEPM home screen is not up to date at all.
I didn't change any policies, and here is a screenshot of my main AV/AS policy which the majority of my 32,000 endpoints use:
Likewise, here is a screenshot of the server log settings if it matters:
Can you guys suggest something for me to do to try and correct this? There is no proxy in our environment if that is a question. I have already restarted the SEPM as well as the SQL server. Upgrading the SEPM at the moment is not an option, and it had been working perfectly fine up until two weeks ago.
Thanks in advance for any help.
Comments
hi
try clearing the DAT files
http://98.129.119.162/connect/ja/forums/monitor-tab-everything-reports-no-information#comment-4730831
Please don't forget to mark your thread solved with whatever answer helped you : ) Rafeeq
Are you using Symantec........
Are you using Symantec mail security for Exchange on the same machine??
No, not using Mail Security
No, not using Mail Security on the same machine
_________________________________________________________________
Please remember to mark the thread 'SOLVED' with the answer that most helped you by choosing 'Mark As Solution' on the applicable answer
Hello Please try to clear SQL
Hello
Please try to clear SQL transaction logs which is for Sepm
http://social.msdn.microsoft.com/Forums/en-US/sqld...
http://support.microsoft.com/kb/317375
Please Backup the db before making any changes to it
Swapnil
SOC Team .
Please don't forget to mark your thread solved with whatever answer helped you.
Would you like to reply?
Login or Register to post your comment.