This content has been marked as final. Show 8 replies
browse down from the dashboard into an event instance and check what the event id is.
this could be time outs, or unable to scan password protected files or similar, once you know the id you can check this in the filtering and see if you want to report on it or not
Yes its showing Event ID 1059 scan timed out. Could you please ellaborate what does this means . Is this a virus or just that the ePO server was unable to scan and has detected this as a threat with BLANK name.
Thanks in Advance
not a virus just scan timed out
I have these switched off (lots of people do) as you get a lot over time
to switch off
edit button (hidden down on bottom right)
only selected events option
remove 1059 tick
NOTE: this will eventually filter down to agents but you will still get them for a while and new workstations may report these before they receive the policy change. You can edit reports to exclude this event ID aswell in the meantime
Yes it indeed worked when i removed the 1059 events from the server settings i can now see the count is being reducing.
Thanks a ton
I have a lot of these too. They come on files that are very small that VirusScan should not have any trouble scanning in the time provided. Isn't disabling of reporting scan timed out events just sweeping the problem under the rug?
Why not ask McAfee why the AV scan is timing out so much on such tiny files.
If these files are in use you will receive a time out even if it's 1KB
I get the same exact thing. You would think it would be listed as a bug or something by now with all the people who have to go in and turn this alert off.
I have adjusted the filters on the canned VSE reports from mcafee to not include events 1059 and 1051. The problem is the filter is not working.
The “threat type” for these events is “virus’ and because that is selected in the canned report it seams to be overriding the filter to exclude 1059 and 1051.
Has anyone else experienced this and know of a way to get the filter working?