I upgraded my EPO server from 4.5.? to 4.6, and then 5.0. Everything went successfully during the installs, so I had no reason to think there were problems. I then noticed that I had not recieved any threat events from the client machines since I took the machine offline to do the installs.
Since that point I have pushed out the latest agent to the clients, going from 184.108.40.2060 to 220.127.116.111. I can see the agents fine, and they are connecting it seems, but I am not showing any threat events. At this point I should have seen some since I have roughly 250 machines out there, and it has been a couple of weeks.
Where do I need to be looking to find out what is going wrong?
The first thing to check is the eventparser.log on the ePO server - feel free to attach it here if you like.
Additionally, make sure that you have checked in the latest *reporting* extensions for any products that you use, for example VirusScan. It's the reporting extension that allows ePO to understand the events coming from the client machines.