
Virus Detections on SEP Domains

Created: 15 Oct 2012 | 10 comments

Hello, I have the Schema Reference Guide. However, from this document, I'm not certain I'm able to obtain or piece together some information I need. For example, how would I be able to obtain the type of virus detected, the number of viruses detected, etc., against the different domains in SEP?


.Brian

What version, 11.x or 12.1?

Did you check the Virus schema (VIRUS table)?

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

Fabiano.Pessoa

Hello

Do you want to check where this information is?
Or was it a note on how SEP detects?

Fabiano Pessoa

Systems Analyst - Forensic Expert

_mtquery

Brian, 12.x (as indicated) and the Virus schema doesn't have a column to identify the domain the security risk came from.

Fabiano, I want to check where this information is.


Fabiano.Pessoa

Fabiano Pessoa

Systems Analyst - Forensic Expert

.Brian

You'll need to do a join with another table. I'll see if I can find which one.


_mtquery

Fab, I need to work with raw data.

Brian, thanks.

Mithun Sanghavi

Hello,

Check these Articles:

Symantec™ Endpoint Protection Manager Database Schema Reference 12.1 http://www.symantec.com/docs/DOC4324

Exporting log data to a text file http://www.symantec.com/docs/HOWTO55416

Exporting data to a Syslog server http://www.symantec.com/docs/HOWTO55417

Symantec Endpoint Protection 12.1.x event log entries http://www.symantec.com/docs/TECH186925

Also, Check this Thread: https://www-secure.symantec.com/connect/forums/sql-querys-database

Hope that helps!!

Mithun Sanghavi
Senior Consultant
MIM | MCSA | MCTS | STS | SSE | SSE+ | ITIL v3

Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.

Fabiano.Pessoa

Hi

Look at this link that contains accurate information http://www.symantec.com/business/support/index?page=content&pmv=print&impressions=&viewlocale=pt_BR&id=TECH103087

I'll keep checking precisely what you want.

hugs

Fabiano Pessoa

Systems Analyst - Forensic Expert

_mtquery

Mithun, thank you, you've sent this to me before, but unfortunately, I'm unable to extract info from those resource pages to get the data I need. For example, I'm not even certain if SEP raw data is able to provide me with virus info that can correlate with domains.

Fabiano.Pessoa

Hello,

You need information about the database? Example: A Data Base gross virus?

Fabiano Pessoa

Systems Analyst - Forensic Expert