Effectively customer is trying to do is to understand when the weekly On-Demand scan (VSE or ENS based) for each endpoint is scheduled and export that information of ePO (or from the SQL database).    I’m fairly sure that there is no ePO query for this, however I suspect the information is located in one or multiple tables in the SQL database (Customer have no access to the Database so would not to provide SQL commands to their Database Admin Team). Customer have 42 active Client Tasks for VSE/ENS On-Demand scans, however they don’t want to have to go into each one of them to see what are the Tags and scheduled date/time. So basically, just asking for an export from ePO of each endpoint, along with their scheduled On-Demand scan date/time. If we can get additional information included in that report such as OS Type and Domain Name that would also be great.

@AELSAJOH 

For event ID 1203 -On demand scan completion, in the  table eventsfilterdesc, the description field is:

On Demand scan complete. Detections %NUMVIRS%, Cleaned %NUMCLEANED%, Deleted %NUMDELETED%, Quarantined %NUMQUARANTINED%.Scan version %ENGINEVERSION% DAT version %DATVERSION%.

Customer already aware of the scan commence and scan complete events.    This doesn’t tell them when the scan is scheduled ( scheduled task for in every endpoints’ s VSE or ENS console).  

Perhaps, create a query based on a time frame ( sample time frame1 day, 1 week so on) and include eventID 1202 & 1203 - Build a server task; including the query, E-Mail result and schedule accordingly.

McAfee managed products generated Event IDs listed in ePolicy Orchestrator - https://kc.mcafee.com/corporate/index?page=content&id=KB54677

The tasks in the database are in several related tables, so it would not be quite as simple as pulling info from one table.  In the epotaskschedulesetitngsmt table, for example, one task may have 11 or 12 rows for each setting name in the task schedule, and you would have to match it with the task Id from other tables, etc.  You can get a basic idea of some time frames from the system tree client task assignment page.

Here is an example from my test server.  If you look at the schedule column, it shows whether it would be daily, weekly, monthly, run immediately, etc.  The start date and time column lists the time it is scheduled to start.  That would not show, however, for a weekly or monthly scan what day of the week it is scheduled to run.

One thing they can do as a best practice is when they create a client task, put in the schedule in the description, as that field can be pulled in a query.