I have ePO 4.5.0 and the clients are running VirusScan 8.7.
All updates and policys appear to be working ok.
If I search in ePO for threats I get only a subset of the threats detected by the clients (or maybe I am just receiving the threats info from some of the managed systems).
If I go into the managed system and check the log (OnDemandScanLog.txt) I see that the local agent has detected and cleaned several virus.
It seems, this information is not being sent in to ePO.
Btw, the query I use returns threats events reported from managed systems by ip address (of the managed system).
Where do I configure the sending of threat events to ePO in the client policies (maybe I configured it wrongly)?
How can I force the client to upload all threat events into ePO?
After the events are uploaded to ePO are they right away available or does it take some time to process (like some hours)?
I also have a similar issue.
My agent is saying it uploaded the events to the ePO 4.5 server.
However when i build a query to get latests threats then i have no results returned.
I used the eicar file to test it but still have no luck. Even pressed the button to send the events to the server and like i said the agent replys that it is sending the events but nothing comes into my ePO.
Is there something wrong?
Make sure that you have checked in the latest VSE report extension - it is this extension that installs the event handler that ePO uses to interpret VSE events.
If there's still a problem, check the eventparser log on the server - if there is a problem processing events it'll be there.
Well as you said i checked the VSE RP version and it was the latest version.
Checked the evntparser.log and saw nothing in there wich i found strange so i just restarted the services wich did the trick.
All events are streaming in my EPO now so it looks as if it is ssolved.
Thanks for the infoMessage was edited by: Karel on 5/19/10 2:43:18 PM CEST