1 Reply Latest reply on Oct 24, 2016 6:47 PM by ajha1

    Application Control settings in ePO

    falaendor

      I'm trying to manage the Application Control product from ePO or the client.

       

      I've found a command called sadmin that can be run to set the log file size etc.  Is there a command that can be used to view the current log file size that's been deployed.  Or is there a way of doing it from the ePO console as there isn't anything I can see within the policy settings for Solidcore.

       

      Cheers

       

      Fal

        • 1. Re: Application Control settings in ePO

          Hi Fal,

           

          The command is :

           

          C:\Windows\system32>sadmin config show

            CustomerConfig                158 (0x9e)

            MPCompat                      0 (0x0)

            DisableDeviceGuardCompat      0 (0x0)

            AllowBinariesByReputation     1 (0x1)

            AllowReputationLevel          85 (0x55)

            BlockBinariesByReputation     1 (0x1)

            BlockReputationLevel          30 (0x1e)

            ATDReputationLevel            50 (0x32)

            IsATDSubmissionAllowed        0 (0x0)

            ATDFileSizeLimit              5 (0x5)

            FileRetrySecs                 0 (0x0)

            DoNotApplyAefBackupRules      0 (0x0)

            CustomizedEventCacheSize      1000 (0x3e8)

            EventCacheSize                2 (0x2)

            EventCacheWMHigh              90 (0x5a)

            EventCacheWMLow               70 (0x46)

            FailSafeConf                  0 (0x0)

          * FeaturesEnabled               4518745685153224879 (0x3eb5cf4261e318af)

          * FeaturesEnabledOnReboot       4518745685153224871 (0x3eb5cf4261e318a7)

          * FeaturesInstalled             -52834776966913 (0xffffcff271e318ff)

          * FileAttrCTrack                5024 (0x13a0)

          * FileDenyReadOptions           1024 (0x400)

          * FileDenyWriteOptions          4831 (0x12df)

            FileDiffAttrOnlyTypes         zip,7z,rar,gz,tgz,jpg,gif,tiff,png,bmp,pdf,tar,bz,bz2,exe,dll,sys,jar

            FileDiffMaxFiles              100 (0x64)

            FileDiffMaxSize               1000 (0x3e8)

            FipsMode                      0 (0x0)

            InvDiffConfig2                2 (0x2)

            InvDiffTimeout                10800 (0x2a30)

            InvMergeTimeout               1800 (0x708)

            PullInvTimeout                604800 (0x93a80)

          * LockdownStatus                0 (0x0)

            LogFileNum                    4 (0x4)

          * LogFilePath                   C:\PROGRA~3\McAfee\Solidcore\Logs

            LogFileSize                   2048 (0x800)

            ProdIntegrationConfig         1 (0x1)

          * RTEMode                       1 (0x1)

          * RTEModeOnReboot               1 (0x1)

            SoPriority                    0 (0x0)

            ssLangId                      Default

          * WorkFlowId                    UPDATE_MODE: AUTO_2

          * AgentEventsThreshold          2000 (0x7d0)

            AgentEventsThresholdOnWakeup  2000 (0x7d0)

          * SupplierCacheSize             7000 (0x1b58)

            SupplierCacheSizeOnWakeup     7000 (0x1b58)

            ConsumerThreadTimeout         10800000 (0xa4cb80)

            InvDiffAgentEventsThreshold   15000 (0x3a98)

          * ObAgentEventsThreshold        100 (0x64)

            ObAgentEventsThresholdOnWakeup        100 (0x64)

          * ObSupplierCacheSize           700 (0x2bc)

            ObSupplierCacheSizeOnWakeup   700 (0x2bc)

            ObConsumerThreadTimeout       10800000 (0xa4cb80)

            Accessibility                 0 (0x0)

            EventCacheIntervalMilliSecs   10000 (0x2710)

            ReputationCacheLowWaterMark   8192 (0x2000)

            ReputationCacheHighWaterMark  16384 (0x4000)

           

           

          This command basically show the complete configuration. Let me know if you've any other queries, else Mark this discussed as Resolved.

           

          Regards,

          Ajaykant Jha