cancel
Showing results for 
Search instead for 
Did you mean: 
marios
Level 7
Report Inappropriate Content
Message 1 of 4

Query for On Demand Scan task results

Hi,

Is it possible to create a query with ePO 4 in order to get On Demand schedule Task results instead of browsing for log file on C:\Documents and Settings\All Users\Application Data\McAfee\DesktopProtection of each server?


Thanks
3 Replies
Johonn
Level 7
Report Inappropriate Content
Message 2 of 4

RE: Query for On Demand Scan task results

you can also see the answer here .. http://forums.mcafeehelp.com/showthread.php?t=165788


Create a query...

1. Grouped Summary Table
Groub By
2. Event Generated Time (UTC)
3. Analyzer Detection Method
4. Event Description

There is where i have problems. You want to filter results to show you "(managed)..." or "(EPO)..." but it does not work but the report will still provide you with your information.

When the report runs and it takes some time for me and errors sometimes too but just try again it should run. You will want to look for the "Analyzer Detection Method" that is "(managed)......" or "(EPO)....". This will be all your managed tasked.

In the event reporting you will want most if not all.

Scan Found infected file, Unwanted program deleted, Infected file deleted...., but most important Scan completed. No Viruses found, and Scan was canceled
Edit/Delete Message
marios
Level 7
Report Inappropriate Content
Message 3 of 4

RE: Query for On Demand Scan task results



Thanks for your reply,
I created a client task to perform a weekly full system scan for my servers.
How can I get a report regarding my custom client task on which servers have finished scan, detections etc.

I tried your run query, but I cannot find my custom client task on the report.
Highlighted
Johonn
Level 7
Report Inappropriate Content
Message 4 of 4

RE: Query for On Demand Scan task results

Make sure in the in the event reporting you have the following seleceted....

Scan Found infected file, Unwanted program deleted, Infected file deleted...., but most important Scan completed. No Viruses found, and Scan was canceled


If you do not select them the agent will never report on your managed tasked. Once selected and creating the query i posted before you results will look like this....



 



The #'s are the # of Agents that reported

March 17, 2009 90
OAS 86
Scan Timed Out 84
Access Protection rule violation detected and NOT blocked 2

(EPO) ePO_DAT_Spyware_Update 1
The update was successful 1

Scan All Fixed Disks 1
Unwanted program deleted. 1

(managed) Weekly_Virus_Scan 2
Scan was cancelled. 1
Scan completed. No viruses found. 1



Notice the (EPO).... and (managed)....

Note: This Query for me is broken down by day.
More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator