Hi. I need some help with basic VirusScan Enterprise incident response. Basically, how do I interpret data in ePO regarding VSE and know if I have a problem? How do I decide how to respond (ignore? clean? wipe machine?). Is there an easy way to find out the severity of each virus found without having to google each virus name? I'm just looking for basic information and nothing fancy (i.e., I'm not trying to figure out how to reverse engineer malware). Thank you for any help and suggestions.
You can use the ready-made queries in the McAfee ePO server query option, such as threat source and target systems.
You can check the first level of threat detection. Include the action taken in the table to identify what action has been taken by the AV on the detected threat.