cancel
Showing results for 
Search instead for 
Did you mean: 
JeffM
Level 7
Report Inappropriate Content
Message 1 of 7

AMCore content report

Is there an easy way to generate a report in the EPO (ver. 5.10) that tells me the last time the AMCore content was updated on each system and the version of the content?

6 Replies
McAfee Employee Thussain
McAfee Employee
Report Inappropriate Content
Message 2 of 7

Re: AMCore content report

Thank you for posting your query 

McAfee ePO 5.10 provides a default built in query Endpoint Security Threat Prevention: AMCore Content Compliance Status to generate a report for AMcore content. You may duplicate this query, save it with a new name, click on edit and add the AMCore Content Version and AMCore Content Date in the columns section of the query. This will give you the details of the content date and version. 

 

Was my reply helpful?
If you find this post useful, Please give it a Kudos! Also, Please don't forget to select "Accept as a solution" if this reply resolves your query!
JeffM
Level 7
Report Inappropriate Content
Message 3 of 7

Re: AMCore content report

That got me most of what I needed.  The only other thing I need is the date and time the content was updated or downloaded to the system.  Does the EPO log that some where?  I am working on a compliance report and they are being very specific on the data they want.

Thanks.   

McAfee Employee cdinet
McAfee Employee
Report Inappropriate Content
Message 4 of 7

Re: AMCore content report

The only thing that is recorded, if the event id's are enabled, is the update succeeded event id.  However, that could be misleading, as the update may not necessarily be amcore, but could have been a patch, agent key updater, or some other update.  You might be able to create a query with maybe some keyword filters for the event ID 2401- update succeeded and amcore compliance days - that might give some idea of when it was installed, but won't be exact.  

Was my reply helpful?
If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?

McAfee Employee vivs
McAfee Employee
Report Inappropriate Content
Message 5 of 7

Re: AMCore content report

Hello,

Thanks for your response.

You can duplicate the by default query and modified it with the date and all.

After duplicating the query please rename it and click on edit and under Filter option you will get the option for Amcore Content Date.

Please see the screenshot.

ComAmcore.PNG

The other thing you can do here to create a new query,
Query & Reports>New Query>Systems>Next>Select Table>Next>Add Amcore content Date in columns and click next>in Filter option add Amcore Content Date and run the query and the output will be like below screenshots:
 qramcore.PNGValue is not blankamcoreout.PNGOutput

Was my reply helpful?
If you find this post useful, Please give it a Kudos! l Also, Please don't forget to select "Accept as a solution" if this reply resolves your query!

McAfee Employee AdithyanT
McAfee Employee
Report Inappropriate Content
Message 6 of 7

Re: AMCore content report

Hi @JeffM 

I would go with @cdinet's response here. The filter Amcore Content Date as mentioned in the previous post will not work as that is the Content Creation date from McAfee.

Hence, I am afraid this will not reflect the actual timestamp of the client's update download. I hope this clarifies your last query.

Was my reply helpful?
If you find this post useful, Please give it a Kudos! Also, Please don't forget to select "Accept as a solution" if this reply resolves your query!

Thanks and regards,
Adithyan T
McAfee Employee AdithyanT
McAfee Employee
Report Inappropriate Content
Message 7 of 7

Re: AMCore content report

Hi @JeffM 

Here is the detail on AmCore compliance and AmCore Content Date explained in the FAQs document.

I sincerely hope this clarifies!

Was my reply helpful?
If you find this post useful, Please give it a Kudos! Also, Please don't forget to select "Accept as a solution" if this reply resolves your query!

Thanks and regards,
Adithyan T
More McAfee Tools to Help You

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community