Hello Everyone,

I'm trying to monitor the anti-virus services on my networks and running into some issues. I'm using Kaspersky Business Optimal on all my networks (LOVE IT!!!) except for my newest client that is using Sophos (don't love it so much...).

First I tried to update the service list by scan. The names returned from the scan were the names of the executables that were running, not the name of the service. I tried to use the names that were returned in a monitoring set, but I kept getting service not installed alerts.

So here I am now trying to monitor the actual processes:
  • SavService.exe
  • SAVAdminService.exe
I get flooded with alerts from these two that the process is running.

Questions:
  1. Is there a way to get this working so that I'm monitoring the service and not the process.
  2. Is there a way to configure the process monitoring to give me alerts/information when the process is not running. Seems I can only log on trasition, up or down.
  3. Is monitoring a process in this fashion not conducive to actually ensuring that my AV software is up on my clients workstations?
Thanks in advance for any input or thoughts you may have on this subject.

Regards,

jamie177


Legacy Forum Name: Proper use of Process monitoring,
Legacy Posted By Username: jamie177