Kaseya Community

Symantec Endpoint logs and reports

  • My clients are using both managed and unmanaged Symantec Endpoint Protection. I want to tie the SEP logs into my executive summary reports to show AV activities such as updates and detection events. I've already added the rows and custom fields but I am going round in circles getting any type of results to show on the reports. I'm hope that some can help me out with this because I'm at a dead end.

    Mac

    Legacy Forum Name: Symantec Endpoint logs and reports,
    Legacy Posted By Username: Mac
  • i'd be interesting in grabbing some of this information too.

    we have a few customers with endpoint protection and all we see is problems... i'd like to be able to show them parts of it are working Smile

    Legacy Forum Name: How-To,
    Legacy Posted By Username: mjarvis
  • I’ve been working on this for a couple of days and I’m sure that I'm just missing a step or some setting. I hope that this thread is just being accidentally overlooked by the pros. It would be short sighted if this type of information was not made available to the Kaseya community.

    Legacy Forum Name: How-To,
    Legacy Posted By Username: Mac
  • When you say "logs", do you mean from the central server, or from the individual computers' event log? Because using the event logs would mean logging every single informational event if you want to report on logging signature updates etc.

    For everything else, you can use the event log and just report "virus found and cleaned" by checking for event id 5, 46 or 51

    Edit:

    Title: Viruses found and cleaned
    Row Type: Alarm Log
    Search Type: (Alert) Event Log
    Search Filter: *Security Risk Found!*

    Edit (again, sorry):
    We have Kaseya force manual updates, and it writes the event to the script log. We can then simply have the Exec. Summary count the number of "Signature Updates" in the script logs, and report that. Doesn't mean they were updated every time, as there aren't always necessarily updates available every day, but it still reports valid data: A signature update would have happened if one was available.

    Legacy Forum Name: How-To,
    Legacy Posted By Username: Lmhansen