I am also looking for this information...anybody???
Thanks for the reply. I am well familiar with the ClientControl utility, butI would like to be able to do this via ePO.
I have a timed group in my FW rule set. It allows HTTP/HTTPS for 10min. Iwould like to know if users are using this and if so how many times. That way Ican determine if user is simply resetting the timed group so theycan access the internet openly and access sites they should not be
I would like to be able to do this via ePO.
There is no ePO functionality, or McAfee-provided script, to do this.
Ok, thanks...that answers that. Too bad though
Does the ClientControl utility work with HIPS 7.0?
Yes, there is a ClientControl utility for Host IPS 7.0 (downloaded from the McAfee Download site). The Client Control tool does not pull Host IPS log files remotely though. It can, however, "Export the activity log to a formatted text file", if you are locally/remotely logged into that system.
Exporting the Host IPS Activity Log to a text file.
1. Open a command shell.
2. Run clientcontrol.exe /export <path of export file>
3. Copy the exported log file to another computer for collection, analysis, etc.
may i get some clarification please
you say it does not pull the Host IPS log files remotely, but then go on to say it can export the activity log to a text file if you are logged in locally / REMOTELY - will you explain what is the difference as you meant it
If you RDP to a system (remotely logged in), you can run the ClientControl tool locally on that system to export the Activity log. You cannot, however, run the ClientControl utility on your system to remotely connect to a remote host to "pull" the Activity log.
The ClientControl tool must be run on the local system to export the log file. This also does not export any information to the ePO server.