Endpoint Protection

 View Only

  • 1.  How to check SEP11 client status from CLI

    Posted Dec 14, 2010 08:15 AM

    currently we are deploying SEP11 installed in a ghost image. The SEP11 is unmanaged in the image and during the deployment we sylinkdrop to set it to managed. Since we want the process to update before we contine we need to check to see if the system is connected to the server and if it is completly updated. Right now we just use a "sleep 900" which seems to be enough time for any system to connect, but for some systems it takes about 2 minutes to complete, so it is a lot of waiting for nothing.

    So any suggestions of command line tools/registry/files would be great.

    Thanks.

    Martin



  • 2.  RE: How to check SEP11 client status from CLI

    Posted Dec 14, 2010 08:25 AM

    Where exactly do you see "sleep 900"? In sylinkdrop script?



  • 3.  RE: How to check SEP11 client status from CLI

    Posted Dec 14, 2010 08:51 AM

    The sleep 900 is in our script. After we call the sylinkdrop.exe we have the sleep command wait for the 15 min while it syncs.



  • 4.  RE: How to check SEP11 client status from CLI

    Posted Dec 14, 2010 09:11 AM

    Ok, so if I uderstand well, it takes 2 min for the client to connect after sylinkdrop is used, right?



  • 5.  RE: How to check SEP11 client status from CLI

    Posted Dec 14, 2010 10:29 AM

    It can take 2 minutes or it could take longer even up to or past the 15 minutes. Since some machines are built locally and some are remote there can be a delay due to network. Also delays can occur if the system is older (slower).

    Basically what we want is for those machines that 2 minutes to update to not have to wait another 13 minutes before they can continue. We would want to have the script do a loop and check every couple minutes to see if the client is updated and configured. Since this is being done in a batch file, I need it to be a command line that can be executed and check the results.



  • 6.  RE: How to check SEP11 client status from CLI

    Posted Dec 14, 2010 10:42 AM

    For server connection maybe you could use:

    HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\Symantec Endpoint Protection\SMC\SYLINK\SyLink\LastServerConnectionTime ?



  • 7.  RE: How to check SEP11 client status from CLI

    Posted Dec 14, 2010 02:09 PM

    Hi Pawel,

    Will the existance of that key/value tell me that it is updated? If it does that is perfect.

    Thanks



  • 8.  RE: How to check SEP11 client status from CLI



  • 9.  RE: How to check SEP11 client status from CLI

    Posted Dec 14, 2010 04:34 PM

    It will tell you the connection time to server. For updates we need to figure something out I suppose :-)

    EDIT: The same for point 2 of the article mentioned below by Rafeeq.

    You can see if the client is updated checking folders in content folder in \Symantec\Symantec Endpoint Protection - which folder depends if your client is 32 or 64 bit and what defs you would like to check: 1CD85198... for 32 bit antivirus defs for example.