1 Reply Latest reply on Jun 20, 2017 5:49 AM by mrbeatnik

    Mac (Endoint Security) DAT/Engine Compliance Query

    mrbeatnik

      Hi folks,

       

      I can't create an accurate Mac compliance query (ES Threat Prevention). Problems are:

      • DAT Version (Non-Windows) does not have the option of "Is within X versions of repository"
      • AMCore Engine Version does not have a "Greater than or equals"

       

      Both are only treated as string options ("equals/does not equal/contains/etc").

      This makes it difficult to have automatic compliance queries that do not need altered each time, which means automatic server tasks can't be run either (like email someone if DAT is x days old).

       

       

      Am I doing something wrong? Is there a way around this? Is that just how it goes?

      Any thoughts?

       

      Thanks