in our 3000 client company I manage antivirus software with "McAfee ePolicy Orchestrator 4.0". At the moments clients have Agent 4.0 too, but I will go to Agent 4.5. Befor I do it, I have to distribute a compatibility Hotfix number 517265.
My question is:
Is it possible to do a query to see, how often the patch is distribute? I have many queries with Epo Version, Epo Patchlevel, but I don't find a way for a query for a hotfix.
Please help me.
According to the hotfix release notes, it changes only three files:
So the actual build for the rest of the product remains the same (patch 1 or 2) - this means there may not be a straight forward way of querying it from ePO 4.0.
You can however do this using a System Compliance Profiler rule. To do this follow the steps below:
On the ePO console, click Systems --> Policy Catalog.
In the product drop down, select System Compliance Profiler 2.x.x
Click New Policy
In the Create a new policy window, type a name for the policy such as 'VSE HF517265 Check'
In the Rules Window, Click Custom Rules
Click Add Group - Give it any name
Select that group under Custom Rules and click Add Rule
Type a name for the rule in the 'Name of rule field' for e.g. 'Check for VSE HF517265'
Uncheck all irrelevant Operating Systems such as windows 98, Windows ME etc
In the Criteria field, make sure Match a file is selected
In the File Path drop down select PROGRAM_FILES_DIR and complete the path to one of the three files listed above - for e.g. McAfee\VirusScan Enterprise
In the File name field type shstat.exe
Choose 'Version is greater than or equal to' from the drop down and type in the version listed above (e.g. 220.127.116.112 for shstat.exe)
Save the policy
If you have never used SCP before, you will need to ensure the SCP scanner is installed on the client systems as part of a deployment task.
After this, ensure that a SCP scan client task is configured on the ePO system tree for all the systems.
Now when the scp scanner runs the next time this rule is checked the results are sent to ePO.
Using one of the existing SCP queries (for e.g. SCP: Non Compliance Summary by Rule Group) you can get the list of systems that violate the rule (do not have the HF installed)
Hope that helps....
Hello Sailendra Pamidi,
many thanks for detailed answer.
Until today we don't use and don't have installed System Compliance Profiler on clients. But I have installed SCP on a test machine about your instruction and I created a SCP Scan Task (in the 2nd step configuration I can read: "No additional settings for SCP Scan Task"). I hope, it is so right.
Furthermore I edited Policy Catalog and added a query for the hotfix according your instruction. The SCP Scan Task is worked on a test machine (run and wake up agent) . So far I had no problems.
My problem is to know, how I can do a query for hotfix or general query with patch level. Through the standard queries I don't get an answer.
Can you give me a anser?
Message was edited by: andreasw on 11/02/10 05:15:10 CSTMessage was edited by: andreasw on 11/02/10 05:21:44 CST