Install test Symantec Endpoint Protection Server with MS SQL database (in my case). You can find a lot of simple guides how doing that.
Identify what data you need to get clear SQL query. Let's say that for this example we need all computers at risk and the time period will be 1 year.
Open SEPM web console using other web browser then IE. It can be Chrome or FireFox or any other you like.
Your link to the SEPM web console should look like it:
https://sepm_server:8443 replace "sepm_server" your SEPM ip or hostname.
Log in SEPM using web console.
After that open Report Section of SEPM Console and set proper report you want to extract. In my case it would be:
|Selected report||Infected and At Risk Computers|
|Time range||Past Year|
Now we start tricky part. Hit "Create Report" button and you should see popup windows with SEPM report.
In the popup window with URL filed you should see link look like it:
Ok. Now we know what PHP file is used to generate report we asked for. Let's find this file on SEPM server.
Open Symantec Endpoint Protection Manager folder and go to: Inetpub\Reporting\Reports
Now find rep_infectedclients.php end open it in any text editor. (remember to change file permission and uncheck "Read Only" in file properties)
Now we add simple one line of code in our file.
rep_infectedclients.php before changes:
and after (I added echo $query;):
After all Save and Close your rep_infectedcomputers.php file.
Now we back to SEPM console and reopen our report I described in STEP 4 and now we should get our clear SQL query.