0 Replies Latest reply on Aug 26, 2014 10:59 AM by Scott Sadlocha

    Questions on Non-Compliance Automatic Response

    Scott Sadlocha

      Hey Everyone,

      I am attempting to set up an automatic response for non-compliance events, as part of a larger scale "DATs out of date" reporting structure. From discussions in the community, I have set up a query and report for a particular DAT version threshold (greater than 3 from Master Repository), and I set up a server task to run the query daily, as well as deliver the report daily. My current task is set up to generate a non-compliance event if a certain number of computers are more than 3 DATs away from the master repository.


      Now, with regard to the Automatic Response. I have seen mention of a preconfigured Automatic Response for Non-Compliance events. Unfortunately, I don't see that preconfigured response in my ePO console. As other people worked in this console before me, I am guessing that someone renamed it or deleted it. I am trying to recreate it, but I am not sure if I am doing it correctly, and I am also curious as to what I would receive.

      Right now, I set up the automatic response in Event Group:ePO Notification Events and Event Type: Server, filtering on Event ID = 16000. I have no aggregation set up, triggering this response for every event. Does this look right when compared to the default that should be in there? Can anyone look in their ePO console and verify? Also, I see a method to import a response. Is there somewhere I can locate the default response as an export and re-import that into my environment? Lastly, is my logic in setting this up correctly? My thought is that since I set the threshold in the Server Task, to generate a compliance event after so many systems are out of compliance, this will fire one compliance event to the database, and I will get one email alert from the automatic response. I worry that if I set up aggregation in the automatic response, I won't ever get anything.


      I do realize that the automatic response will fire for every non-compliance event, but that is okay by my, as long as I don't get a flood of 200 or so when my query/task combo hits its threshold. I hope I have explained this well, and I hope that someone can offer some input for me. Any information would be greatly appreciated!