Vidéos d'aide de Screencast

SEP Event Monitoring/Remediation with Workflow

Created: 06 Décembre 2012 | 1 commentaire

As we're starting to go forward with our SEP remediation workflow, I'm curious to see if any others in the community are using Workflow to monitor SEP events? If so, how are you going about doing it? I've seen a few videos posted and got a few ideas but wonder what else others are doing. Any feedback would be great!

Our plan is to monitor the events by SQL query and take appropriate action based on certain triggers. We're planning to automate the update and scanning and if that doesn't resolve the issue then possibly move the machine to a lockdown group if there are numerous events. Then of course create a ticket in our Helpdesk (ServiceNow) and route it to the appropriate group.

Commentaires 1 CommentAccéder au dernier commentaire

l'image des reecardo

SPC (if I remember correctly) actually deployed some workflows that had some custom components. The SPC components VERY closely resembled the SEP components.