02-27-2024 09:19 AM
Good morning,
We want to schedule automatic scans for some servers, currently we already have a malware profile created that runs these scans. The problem is when it only generates a log that it was done, but no report as such. Is there any way to give us a report of the scan when the automatic scans are scheduled? or it will only generate a report when we do it manually from the action center.
The licensing we have is the prevent.
Regards
03-07-2024 04:45 AM
Hi @dlozanog ,
Thank you for writing to live community!
Irrespective of the scans scheduled or initiated manually, there are couple of fields under "All Endpoints" page that should let us know the following:
The scans schedule would be as per your policy configuration which is either weekly on a certain day and starting at a certain time or monthly on a specific week's day and time.
Assuming you would have some definite number of policy rules with malware profiles attached to them with specific endpoint scanning configuration, you should be able to count the endpoints by the policies attached and that should apparently give you a context on when the scan is scheduled when you review the malware profiles of those policy rules.
Coming back to the running status of scan and its logging, the endpoint administration should be able to showcase that. Alternatively you can also look at the possibility of XQLs for managing this.
I am redirecting you to a live community discussion on the same lines which should fairly have a good context around the ask you may have. Let us know if this helps:
Please mark the response as "Accept as Solution" if it answers your query.
03-07-2024 04:45 AM
Hi @dlozanog ,
Thank you for writing to live community!
Irrespective of the scans scheduled or initiated manually, there are couple of fields under "All Endpoints" page that should let us know the following:
The scans schedule would be as per your policy configuration which is either weekly on a certain day and starting at a certain time or monthly on a specific week's day and time.
Assuming you would have some definite number of policy rules with malware profiles attached to them with specific endpoint scanning configuration, you should be able to count the endpoints by the policies attached and that should apparently give you a context on when the scan is scheduled when you review the malware profiles of those policy rules.
Coming back to the running status of scan and its logging, the endpoint administration should be able to showcase that. Alternatively you can also look at the possibility of XQLs for managing this.
I am redirecting you to a live community discussion on the same lines which should fairly have a good context around the ask you may have. Let us know if this helps:
Please mark the response as "Accept as Solution" if it answers your query.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
