5 Replies Latest reply on Jan 12, 2009 4:46 PM by skyman

    ePO 4 dashboard - showing 'attacks' ??

      Hi,

      just wondering what you guys have on your ePO dashboard ?

      I was wondering, is it possible to show the number of attacks or virus's on it. Something more useful than just number of machines really.

      Thanks.
        • 1. RE: ePO 4 dashboard - showing 'attacks' ??
          tonyb99
          I have mine divided up into

          malware activity dashboard
          * virus detection in last 24 hours (bar chart)
          * PUPS in last 24 hours (bar chart)
          * Malware activity inlast 30 days (line graph)
          * No/Malware name in last 7 days (list with highest at top)
          * A search option

          software distribution
          * VSE: Total VSE coverage (pie chart)
          * VSE: Last 24 hours VSE coverage (pie chart)
          * MA: Agent Versions Summary (bar chart)
          * VSE: Last 24 hours DAT Adoption (bar chart)
          * Customised VSE patch level report (pie chart)
          * A Search option

          I also have other dashboards that pull in data on areas that I need to be able to check at a glance, based on custom queries.
          • 2. RE: ePO 4 dashboard - showing 'attacks' ??
            tonyb99
            you could customise this report: VSE: Top 10 Threat Sources
            and set it to the last 24 hours then add that.
            That i guess would be usefull in finding outbreaks

            (PS i would change the initial source name to the detecting product host name, so instead of trying to pull the address of a website for instance {which never works on mine} its showing the top 10 managed systems that have picked up malware)
            • 3. RE: ePO 4 dashboard - showing 'attacks' ??
              thanks, lots of info there !!

              I'll try those out later this afternoon happy
              • 4. RE: ePO 4 dashboard - showing 'attacks' ??
                What we should do is make a sticky where all the comments are users custom queries. Where we can export the query then paste the XML code. For example: You should be able to paste <queries>.........<queries> into notepad and save it as QueryName.xml, then import it into Mcafee 4.0.



                Query Name: Query_Patch_Version_BY_Product_Version:
                Dexcription: This grouped bar chart shows Virusscan Version(s) with a sub group of Patch Versions



                <queries>
                <query>
                <name language="en">Patch_Version_BY_Product_Version</name>
                <description language="en">This grouped bar chart shows Virusscan Version with a sub group of Patch Versions</description>
                <property name="target">EPOLeafNode</property>
                <property name="tableURI">query:table?orion.table.columns=EPOLeafNode.NodeName&amp;orion. table.order.by=EPOLeafNode.NodeName&amp;orion.table.order=az</property>
                <property name="conditionURI">query:condition?orion.condition.sexp=</property>
                <property name="summaryURI">query:summary?orion.show.other.limit=0&amp;orion.sum.order.by =count%3Acount&amp;orion.show.other=false&amp;orion.sum.time.cols=false%3Afalse& amp;orion.sum.aggregation.column=count&amp;orion.sum.group.by=EPOProdPropsView_V IRUSCAN.productversion%3AEPOProdPropsView_VIRUSCAN.hotfix&amp;orion.sum.aggregat ion=count&amp;orion.sum.order=desc%3Adesc&amp;orion.sum.limit.count=4%3A4&amp;or ion.chart.type=groupedbar&amp;orion.sum.limit=true%3Atrue&amp;groupedbar.title=E POProdPropsView_VIRUSCAN.productversion&amp;orion.sum.query=true</property>
                </query>
                </queries>
                • 5. RE: ePO 4 dashboard - showing 'attacks' ??
                  doesnt work