cancel
Showing results for 
Search instead for 
Did you mean: 

EPO 4.5.5, To Query report for On-demand Scan

Product,

EPO 4.5.5, Agent 4.5, DLP 9.0, VSE 8.8 P1.....

Here we installed EPO server that manages 300 workstations

Here we need an report for on-demand Scan in pdf format and that has to be send to admin e-mail address.

Here the On-demand scan report is coming in txt format and that sits in indiyidual computer the

Path is : C:\Documents and Settings\All Users\ApplicationData\McAfee\DesktopProtection

File name: ondemanscanlog.txt

10/13/2011    1:00:00 PM        Engine version                          =    5400.1158

10/13/2011    1:00:00 PM        AntiVirus   DAT version                 =    6496.0

10/13/2011    1:00:00 PM        Number of detection signatures in EXTRA.DAT =    None

10/13/2011    1:00:00 PM        Names of detection signatures in EXTRA.DAT  =    None

10/13/2011    1:00:01 PM    Scan Started    DEP-CHN146\SYSTEM    (managed) 2 days scanning policy

10/13/2011    1:01:14 PM    Cleaned     SYSTEM    ODS((managed) 2 days scanning policy)    d:\IE8-WindowsXP-x86-ENU.exe    W32/Sality.gen.z (Virus)

10/13/2011    1:45:02 PM    Scan Summary    DEP-CHN146\SYSTEM    Scan Summary

10/13/2011    1:45:02 PM    Scan Summary    DEP-CHN146\SYSTEM    Processes scanned    : 54

10/13/2011    1:45:02 PM    Scan Summary    DEP-CHN146\SYSTEM    Processes detected   : 0

10/13/2011    1:45:02 PM    Scan Summary    DEP-CHN146\SYSTEM    Processes cleaned    : 0

10/13/2011    1:45:02 PM    Scan Summary    DEP-CHN146\SYSTEM    Boot sectors scanned : 5

10/13/2011    1:45:02 PM    Scan Summary    DEP-CHN146\SYSTEM    Boot sectors detected: 0

10/13/2011    1:45:02 PM    Scan Summary    DEP-CHN146\SYSTEM    Boot sectors cleaned : 0

10/13/2011    1:45:02 PM    Scan Summary    DEP-CHN146\SYSTEM    Files scanned        : 61170

10/13/2011    1:45:02 PM    Scan Summary    DEP-CHN146\SYSTEM    Files with detections: 1

10/13/2011    1:45:02 PM    Scan Summary    DEP-CHN146\SYSTEM    File detections      : 1

10/13/2011    1:45:02 PM    Scan Summary    DEP-CHN146\SYSTEM    Files cleaned        : 1

10/13/2011    1:45:02 PM    Scan Summary    DEP-CHN146\SYSTEM    Files deleted        : 0

10/13/2011    1:45:02 PM    Scan Summary    DEP-CHN146\SYSTEM    Files not scanned    : 19

10/13/2011    1:45:02 PM    Scan Summary    DEP-CHN146\SYSTEM    Scan Summary (Registry Scanning)

10/13/2011    1:45:02 PM    Scan Summary    DEP-CHN146\SYSTEM    Keys scanned         : 32023

10/13/2011    1:45:02 PM    Scan Summary    DEP-CHN146\SYSTEM    Keys detected        : 0

10/13/2011    1:45:02 PM    Scan Summary    DEP-CHN146\SYSTEM    Keys cleaned         : 0

10/13/2011    1:45:02 PM    Scan Summary    DEP-CHN146\SYSTEM    Keys deleted         : 0

10/13/2011    1:45:02 PM    Scan Summary    DEP-CHN146\SYSTEM    Scan Summary (Cookie Scanning)

10/13/2011    1:45:02 PM    Scan Summary    DEP-CHN146\SYSTEM    Cookies scanned      : 0

10/13/2011    1:45:02 PM    Scan Summary    DEP-CHN146\SYSTEM    Cookies detected     : 0

10/13/2011    1:45:02 PM    Scan Summary    DEP-CHN146\SYSTEM    Cookies cleaned      : 0

10/13/2011    1:45:02 PM    Scan Summary    DEP-CHN146\SYSTEM    Cookies deleted      : 0

10/13/2011    1:45:02 PM    Scan Summary    DEP-CHN146\SYSTEM    Run time             : 0:45:02

10/13/2011    1:45:02 PM    Scan Terminated    DEP-CHN146\SYSTEM    (managed) 2 days scanning policy

We need this report in e-mail with pdf format.....if it possible kindly help me......

Thanks & Regards,

krish................

10 Replies
McAfee Employee JoeBidgood
McAfee Employee
Report Inappropriate Content
Message 2 of 11

Re: EPO 4.5.5, To Query report for On-demand Scan

Hi...

This isn't possible, as far as I know: the scan summary report like this is not sent back to ePO, so there's no way for ePO to send it out as part of a report.

HTH -

Joe

metalhead
Level 12
Report Inappropriate Content
Message 3 of 11

Re: EPO 4.5.5, To Query report for On-demand Scan

Workaround - not the best, but at least it collects the results centrally:

1) Create a null-session share on one of your servers

2) Change the On-demand-scan log location in the VSE policies and rename it to \\server\share\<COMPUTERNAME>_OnDemandScanLog.txt

3) Process the files as you like

Regards Tom

exavier
Level 9
Report Inappropriate Content
Message 4 of 11

Re: EPO 4.5.5, To Query report for On-demand Scan

You can just run a report filtering it by ODS task. Using Analyzer Detection Method properties.

You won't see a summary as you see in a ODS log file, but you'll see the actual detections by this task.

Re: EPO 4.5.5, To Query report for On-demand Scan

Hi,

Everybody...

In EPO VSE Query there is the option but the report is not familiar like this txt log.....

We need importantly this one in pdf format, its posible.....because it shows the scan summary of processes

scanned,boot sectors scan.....

Capture.JPG

Re: EPO 4.5.5, To Query report for On-demand Scan

Hi sir,

Can we do this for entrie systems in McAfee EPO , for 200 systems can we store the log in single location...in share...path

as its posible ....like this method u said tom....

1) Create a null-session share on one of your servers

2) Change the On-demand-scan log location in the VSE policies and rename it to \\server\share\<COMPUTERNAME>_OnDemandScanLog.txt

3) Process the files as you like

Regards,.....

Highlighted
metalhead
Level 12
Report Inappropriate Content
Message 7 of 11

Re: EPO 4.5.5, To Query report for On-demand Scan

Yes you can configure this for your entire system via the ePO VSE clienttask you have created.

In the Report section specify the mew log name and path (as described use the computer name cariable to distinguish the logs in the share by name).

Either use a null session share (if the clienttask is running with local system account) or specify a admin accoutn in the ODS task which has share access.

Regards Tom

Re: EPO 4.5.5, To Query report for On-demand Scan

Ok i will try tom,

I will increase the log size to needed GB of size and i will create the share path to storage.....

Let me see....

I will update you.....soon

Thanks,

Re: EPO 4.5.5, To Query report for On-demand Scan

Hi tom,

I have done as per the instrution u told me.....

But the log is not storing here as the location i mentioned.....

I mentioned like this ....

D:\Mcafee server Logs\On Demand Scan logs<COMPUTER_NAME>OnAccessScanLog.txt

Capture2.JPG

This the path that the log is mentioned in the epo server.....

Capture3.JPG

Any Idea....

Regards,

krish.....

Re: EPO 4.5.5, To Query report for On-demand Scan

The two exclamation marks at the end of "log file location" means the path is not valid.

Try to edit the path (no spaces, did you select the variable via the "arrow" to the left of the input field ?) ....

I have currently no epo accessible so I cannot test this, sorry.

Regards Tom

More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator