Endpoint Protection

  • 1.  SQL query for out of date virus definitions

    Posted Mar 13, 2012 01:32 PM

    Hi,

    Does anyone have a query to show all of the machines with out of date definition files, listed by computer name and/or IP?

     

    I've been working on this for a while and can't come up with it. I've been looking at the following tables:

     

    Pattern, Notification, SEM_COMPUTER, Notificationalerts

     

    Thank you



  • 2.  RE: SQL query for out of date virus definitions

    Posted Mar 14, 2012 07:59 AM

    We can see these details in our SEPM report itself. Go to reports - computer status - virus definitions distribution.



  • 3.  RE: SQL query for out of date virus definitions

    Posted Mar 14, 2012 08:09 AM

    I don't have that handy but I will PM that to you.

    But why do you want to use the SQL query when you can get a report from SEPM?



  • 4.  RE: SQL query for out of date virus definitions

    Posted Mar 14, 2012 09:22 AM

    Thank you.

     

    I need the query to be able to pull this information into a separate dashboard reporting tool that aggregates feeds from various security tools.



  • 5.  RE: SQL query for out of date virus definitions
    Best Answer

    Posted Jul 20, 2012 08:38 PM

    See if this helps.

    https://www-secure.symantec.com/connect/forums/generate-report-about-virus-definition-installed-all-sep-clients-managed-sepm#comment-6155491

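    -- One row per managed client, with its agent version and definition version.
    select i.computer_name
         , agent_version
         , pat.version as vd_version
         -- LAST_UPDATE_TIME is stored as milliseconds since the Unix epoch
         , dateadd(s, convert(bigint, LAST_UPDATE_TIME) / 1000, '01-01-1970 00:00:00') as lastupdatetime
         , g.name as group_name
         , OPERATION_SYSTEM
         , i.CURRENT_LOGIN_USER
         , i.MAC_addr1
         , i.ip_addr1_text
         , i.DELETED
    -- nolock reads without taking shared locks, so uncommitted rows may be seen
    from sem_agent as sa with (nolock)
    -- left outer join: a client with no matching pattern row still appears, with vd_version NULL
    left outer join pattern pat on sa.pattern_idx = pat.pattern_idx
    inner join v_sem_computer i on i.computer_id = sa.computer_id
    inner join identity_map g on g.id = sa.group_id
    -- p, s and q are not selected; as inner joins they only require that these ids resolve
    inner join identity_map p on p.id = sa.last_server_id
    inner join identity_map s on s.id = sa.domain_id
    inner join identity_map q on q.id = sa.last_site_id
    where (sa.agent_type = '105' or sa.agent_type = '151')
      and sa.deleted = '0'
      and i.DELETED = 0
    order by group_name, operation_system, i.computer_name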
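
Added example (not part of the thread and not Symantec code): the query above returns every client with its definition version but does not filter for stale ones, so a dashboard that ingests its rows can flag them as sketched here. It assumes rows arrive as dicts keyed by the query's column aliases and that `vd_version` looks like `2012-07-19 rev. 002`; the function names, the 3-day threshold and the sample rows are constructed for illustration.

```python
import re
from datetime import date

# Assumption: pattern.version strings look like "2012-07-19 rev. 002".
_VD_RE = re.compile(r"^(\d{4})-(\d{2})-(\d{2})\s+rev\.\s*(\d+)$")


def parse_vd_version(text):
    """Return (definition_date, revision), or None if absent or unparseable."""
    m = _VD_RE.match(text.strip()) if text else None
    if not m:
        return None
    year, month, day, rev = map(int, m.groups())
    try:
        return date(year, month, day), rev
    except ValueError:
        return None


def stale_clients(rows, today, max_age_days=3):
    """Return (computer_name, ip, age_days, reason) for clients to chase up."""
    flagged = []
    for row in rows:
        raw = row.get("vd_version")
        parsed = parse_vd_version(raw)
        if parsed is None:
            # NULL comes from the query's left outer join on pattern.
            age = None
            reason = "no definitions reported" if raw is None else "unrecognised version string"
        else:
            age = (today - parsed[0]).days
            if age <= max_age_days:
                continue
            reason = f"definitions {age} days old"
        flagged.append((row["computer_name"], row["ip_addr1_text"], age, reason))
    # Unknown age first, then oldest definitions first, then by name.
    flagged.sort(key=lambda f: (f[2] is not None, -(f[2] or 0), f[0]))
    return flagged


# Constructed sample rows, keyed by the query's column aliases.
SAMPLE_ROWS = [
    {"computer_name": "WS-001", "ip_addr1_text": "10.0.0.11", "vd_version": "2012-07-19 rev. 002"},
    {"computer_name": "WS-002", "ip_addr1_text": "10.0.0.12", "vd_version": "2012-07-10 rev. 021"},
    {"computer_name": "SRV-003", "ip_addr1_text": "10.0.0.13", "vd_version": None},
    {"computer_name": "WS-004", "ip_addr1_text": "10.0.0.14", "vd_version": "2012-07-17 rev. 003"},
    {"computer_name": "WS-005", "ip_addr1_text": "10.0.0.15", "vd_version": "garbage"},
]
```

Calling `stale_clients(SAMPLE_ROWS, today=date(2012, 7, 20))` puts clients with no usable definition version ahead of those whose definitions are merely old.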