This content has been marked as final. Show 3 replies
Reviving an old thread: have you been able to do that ? I would like to do the same thing.
I did it somehow...
Actually, I set a VSE full scan task and found out afterwards that VSE always reports "some event"... I haven't yet identified all the Event IDs and such returned by the scanner but I'd say it is possible (with ePO 4 !)
I'll see if I can find the report back and revive it and I'll let you know.
You sure can......
Create a query...
1. Grouped Summary Table
2. Event Generated Time (UTC)
3. Analyzer Detection Method
4. Event Description
There is where i have problems. You want to filter results to show you "(managed)..." or "(EPO)..." but it does not work but the report will still provide you with your information.
When the report runs and it takes some time for me and errors sometime too but just try again it should run. You will want to look for the "Analyzer Detection Method" that is "(managed)......" or "(EPO)....". This will be all your managed tasked.
In the event reporting you will want most if not all.
Scan Found infected file, Unwanted program deleted, Infected file deleted...., but most important Scan completed. No Viruses found, and Scan was canceled