Endpoint Protection

About a month ago, the reporting console stopped reporting the action summary section.  and i am not capable of receiving any reports.   i checked the logs and got this...

Event Type:    Error
Event Source:    LogSender
Event Category:    None
Event ID:    1
Date:        8/24/2010
Time:        12:21:54 PM
User:        N/A
Computer:    ONCSAV01
Description:
The description for Event ID ( 1 ) in Source ( LogSender ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event: Quantifier follows nothing in regex; marked by <-- HERE in m/* <-- HERE **W99D1691/ at C:\Program Files\Common Files\Symantec Shared\Reporting Agents\Win32/Aggregate.pm line 759, <VLOG> line 1172.
.
Data:
0000: 30                        0       

help

Moved to the SAV community.

Re-install Report agent if it still doesn't resolve upgrade your report Server/SAV to 10.1.9.9000

or SEP 11.x SEP has better reporting capabilities.

thanks, i will try that.

Hi Vizzle,

I really recommend that you upgrade all existing SAV clients from 10.1 MR4 to the latest available release, MR9.  MR4 has known vulnerabilities and was not designed to process definitions files as large as the ones currently in use.  Stability and security are much better in MR9. 

Keep in mind that upgrading SAV does not automatically upgrade the Reporting Server or Reporting Agents...  there are many reporting fixes in MR9 that were not in place in your current version.  I do not know if the directly correpond to what you are seeing, but it's highly likely that moving to MR9 will resolve the trouble. 

Please do keep the forum up-to-date with your progress!

Thanks and best regards,

Mick