9 Replies Latest reply on Oct 27, 2016 6:00 AM by catdaddy

    Endpoint Security - On-demand Scan

    eduardo0407

      Hello, I have a question regarding the on-demand scan logs of Endpoint Security 10.1.2.

       

      I performed a Right-Click scan on some folders and a full scan. Looking at the On-demand Activity logs, I can see that 24.000 files were scanned and 6 files were not. 5 files were not scanned because of permissions and 1 file was not scanned because it is encrypted (compressed with password).

       

      My question is: if I want to know what are those 6 files (names and locations), where can I find that information?

       

      Thank you.

        • 1. Re: Endpoint Security - On-demand Scan
          pratik7008

          If you have enabled threat events in ePO than you can send logs from your local machine to ePO and you can check those source and target file information under threat event tab of that machine.

          • 2. Re: Endpoint Security - On-demand Scan
            eduardo0407

            Threat events are enabled. The problem I'm having is with unscannable files. I would like to know if there is some way to find out the names and locations of files that were not scanned. I can only see why they were not scanned.

             

            In VSE 8.8, I can see this information on the scan logs.

            • 3. Re: Endpoint Security - On-demand Scan
              sivakumarc

              Hi eduardo0407,

               

              I Would like to appreciate your blue-sky thinking.

               

              In general Mcafee logs are located in Temp folder and Program data.

              OAS/ODS scan related info are saved in Program data (C:\ProgramData\McAfee). You can find the number of files that are scanned and not scanned.

              a sample screenshot is attached below. The info available in the logs will not provide the details( name and locations) of the files that  are not scanned.

               

               

              Regards,

              sivakumarc

              • 4. Re: Endpoint Security - On-demand Scan
                eduardo0407

                Hi sivakumarc,

                 

                I don't know if the first part of your answer was a compliment or not

                 

                I'm aware of those statistics that are found in the log files. The client that wants this information about the unscannable files asked me if ENS provides this info, because it is possible to get it in VSE logs, and they are comparing both products while migrating from VSE to ENS.

                • 5. Re: Endpoint Security - On-demand Scan
                  sivakumarc

                  Hi eduardo0407

                   

                  Am sure its a compliment because the option to list out the info on the files that are not scanned is not available as of now in ENS.

                  Discussions on innovative ideas will make the product technically more advanced and here i would say you are into the limelight. so its definitely a compliment

                  Speaking about Migration from VSE to ENS, its already on the track. ENS is a bundled package of VSE/HIPS. Threat prevention module is kind of( or much more advanced) VSE and firewall is derived from HIPS. We cannot expect all the attributes to be implemented right away from VSE to ENS, when some thing is missing or not implemented its good that people like you come forward and raise a query on the same, so that it can be considered on high priority and dev team will make sure to meet the clients requirements and satisfaction. final outcome would be ENS is gonna be a far better, advanced, satisfactory and competitive product in Network security.

                   

                  Regards,

                  Sivakumar

                  • 6. Re: Endpoint Security - On-demand Scan
                    fabiansz

                    Hi Sivakumar

                    As a customer who pays for software, I would expect all the attributes of the "old" version to be implemented into the new version. Otherwise I would call the new version "beta". Unfortunately the software industry today works like that :-(

                    Within the last year, I really spent too many hours finding bugs, beginning with ENS 10.1. I'm not really amused about ENS 10.x.

                    • 7. Re: Endpoint Security - On-demand Scan
                      catdaddy

                      fabiansz,

                                          Although I am from the 'Consumer' side of the equation. It seems that you could benefit by submitting a request for implementation of such, in future releases\builds here: Product Ideas (Corporate) Just thought I might add that.

                       

                      All the Best,

                      Cliff

                      Moderator

                      Consumer Products

                      • 8. Re: Endpoint Security - On-demand Scan
                        fabiansz

                        catdaddy, of course I could. And I did.

                        The new ENS 10.5 function "https domain reachability" is based on my deep digging which did cost me weeks. Then, there was a handle leak, which will be fixed in 10.5 because of my troubleshooting (again weeks). Another one was the "LAG switching", they did not switch based on network connection but based on policy enforcement interval. Finally my custom patch was released with 10.1 Patch 1.

                         

                        I am an external project member implementing Windows 10. The customer does not pay me to find and document bugs in software they already paid for.

                        But today that's business as usual :-( Not only with McAfee.

                        • 9. Re: Endpoint Security - On-demand Scan
                          catdaddy

                          Thank you for your input. I sincerely hope a resolution is forthcoming

                           

                          Regards,

                          CD