3 Replies Latest reply on May 4, 2017 2:05 PM by tao

    On demand scan


      Currently we have our on demand scan to run at 11pm.  Do you think this is a good time? any suggestions

        • 1. Re: On demand scan

          Every night?  Double check success rate:


          Build a threat event query / Configure Chart: Multi-line Chart: Line values - # of threat events <> Line labels - Event Description <> Time base - Event Generated <> Under Filter Event ID: Equals - 1202 or Equals - 1203 <> run. This should provide a line graph of start/finish of your on-demand scan.


          How large is your environment?

          2 of 2 people found this helpful
          • 2. Re: On demand scan

            Yes every night we have about 30K clients

            • 3. Re: On demand scan

              Add the following to the query: Under the filter: Event Generated Time - 1 week  ... or 1 day.  You'll be able to get a good idea of how many scans are actually starting/completing.  


              As for if that's a "good time"; depends on if it's impacting your business environment and/or the query results. Are you seeing an increase of daily infections? Meaning, if you're seeing an increase in daily infections, check the last time those systems successfully completed your scan. This type of information builds a case for increasing the time / amount of scans OR leaving your current schedule alone and perhaps going down the road of AUP training for the end user.

              1 of 1 people found this helpful