Reports on automatic scans

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Reports on automatic scans

L0 Member

Good morning,

 

We want to schedule automatic scans for some servers, currently we already have a malware profile created that runs these scans. The problem is when it only generates a log that it was done, but no report as such. Is there any way to give us a report of the scan when the automatic scans are scheduled? or it will only generate a report when we do it manually from the action center.

 

The licensing we have is the prevent.

 

Regards

1 accepted solution

Accepted Solutions

L5 Sessionator

Hi @dlozanog ,

 

Thank you for writing to live community!

 

Irrespective of the scans scheduled or initiated manually, there are couple of fields under "All Endpoints" page that should let us know the following:

  1. Current Scan Status
  2. Last Successful Scan Timestamp

The scans schedule would be as per your policy configuration which is either weekly on a certain day and starting at a certain time or monthly on a specific week's day and time.

 

Assuming you would have some definite number of policy rules with malware profiles attached to them with specific endpoint scanning configuration, you should be able to count the endpoints by the policies attached and that should apparently give you a context on when the scan is scheduled when you review the malware profiles of those policy rules.

 

Coming back to the running status of scan and its logging, the endpoint administration should be able to showcase that. Alternatively you can also look at the possibility of XQLs for managing this.

I am redirecting you to a live community discussion on the same lines which should fairly have a good context around the ask you may have. Let us know if this helps: 

 

Scanning Reports

 

Please mark the response as "Accept as Solution" if it answers your query.

 

 

View solution in original post

1 REPLY 1

L5 Sessionator

Hi @dlozanog ,

 

Thank you for writing to live community!

 

Irrespective of the scans scheduled or initiated manually, there are couple of fields under "All Endpoints" page that should let us know the following:

  1. Current Scan Status
  2. Last Successful Scan Timestamp

The scans schedule would be as per your policy configuration which is either weekly on a certain day and starting at a certain time or monthly on a specific week's day and time.

 

Assuming you would have some definite number of policy rules with malware profiles attached to them with specific endpoint scanning configuration, you should be able to count the endpoints by the policies attached and that should apparently give you a context on when the scan is scheduled when you review the malware profiles of those policy rules.

 

Coming back to the running status of scan and its logging, the endpoint administration should be able to showcase that. Alternatively you can also look at the possibility of XQLs for managing this.

I am redirecting you to a live community discussion on the same lines which should fairly have a good context around the ask you may have. Let us know if this helps: 

 

Scanning Reports

 

Please mark the response as "Accept as Solution" if it answers your query.

 

 

  • 1 accepted solution
  • 929 Views
  • 1 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!