yes you can do those things but first please advise what version of epo you are using
EPO 4.0 patch 4 and Rogue Sensor 2.0 Patch 2
OK that good...
1)Create a (basic) table query based on the detected systems data set and call it something like Mark Exceptions.
In the filtering choose rogue = true then add in all the non windows os platforms as additional filters (with or not and)
eg where rogue is true and os platform is router/printer/mac etc they are all their in the drop down box
Once you have the report make it public and then create a server task which runs the query as a n action
Now choose the action detected system to be mark as exception
Now schedule this to run every hour
2) create automated responses in the sutomation section where if a rogue is detected and its windows and of a certain domain then push agent with specififced credentials
I have one for each domain covered
3) default rogue dashboard already references the default RSD OS queries look at these
4) in server settings, rogue systems matching I use mac and name, also I have netbios calls for more info enabled. Don't have this issue as its matching MAC
Thats awesome, filtering non windows machines works like a charm, Thanks a lot!
Now, I am wondering, if a printer is removed from a subnet and this IP address gets assigned to a workstation, will that workstation also show up in Rogue?
Secondly, when I try to run a query to differentiate Windows Server machines from Workstations, it returns nothing:\
1) they would have different mac addresses, so should be ok
2) you can add the os version field from detected systems data source to your query and filter on this
Great...you are the guru!