Endpoint Protection

 View Only

  • 1.  Is there a list of 'Action Source' values out there ?

    Posted Nov 23, 2009 12:24 AM
    Hi Everyone,

    I am in the process of revising our procedures on how to deal with AV alerts, which is to be rolled out to our first level support. 

    When an alert notification is generated, it would be good to know all possible vriables which may appear in the 'Action Source' column.

    Does anyone know where I can find such a list ?

    So far, I haven't find anything in the official docco, or on this forum, or anywhere else for that matter.

    There shouldn't be too many variables for this column, but I am keen to cater for all possible outcomes.

    Values I have seen so far include 'Cleaned by deletion', 'Left-Alone'  and 'Quarantined' but I know there must be a few more than this.

    Help appreciated.

    Thanks.



  • 2.  RE: Is there a list of 'Action Source' values out there ?

    Posted Nov 23, 2009 01:37 AM

    Closest I've found so far is a list relating to SAV 10.1:-

    http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2006112010562148



  • 3.  RE: Is there a list of 'Action Source' values out there ?
    Best Answer

    Posted Nov 23, 2009 02:23 AM
     The Doc Above is also applicable for Symantec Endpoint Protection as Antivirus Engines is same in SAV and SEP.
    http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2006112010562148