Video Screencast Help
Give us your opinion and win with Symantec! Please help us by taking this survey to tell us about your experience with Symantec Connect, so that we can continue to grow and improve.  Take the survey.


Created: 23 Jul 2013 | 1 comment


I want to know which computers in my network didn't upload SEP updates. In my network I use SEP for antivirus protection

I have got two collectors for SEP but I didn't understand which of them better in this case

Or, may be, I can solve this problem in another way?

Operating Systems:

Comments 1 CommentJump to latest comment

Shahnawaz K's picture

Yes you are correct, there are 2 collectors available for the SEP product viz SEP Event Collector and SEP State Event Collector.

SEP Event Collector provides you the information related to the infection that was captured is 

Partially Corrected
Where as , SEP State Event Collector provides you the information like
SEP AV Engine Status Check
SEP Firewall Status Check
SEP Host Integrity Status Check - Enabled?
SEP Infection Status Check
SEP License Expiry Status Check
SEP Tamper Protection Status Check
Data Scan Start
Data Scan End
Data Scan Cancel
Generic Content
Compliance Conclusion
Baseline Audit
Free Memory Available
RtvScan Running Status UNKNOWN
RtvScan Running Status is OFF
RtvScan Running Status is ON
Based on the difference between both you can choose the one suits your requirement.
For more information you can doenload the collector files and refer the SEC files which comes along with the package which gives a brief description of the collector.