The default report provided with CPM “Top 25 most recent Viruses” only has the name and detection time, i managed to get the infected file in there but i also want the action taken to appear in the report and email sent.
So far I got:
"(html "
" & “New Virus Detected” & html "
" & html "
" & "Computer Name: " & item 0 of it as string & html "
" & "Virus Name: " & item 1 of it as string & html "
" & "Infected File: " & item 3 of it as string & html "
" & "Detection Time: " & item 2 of it as string & html "
“) of (name of item 1 of it, tuple string item 1 of item 1 of item 0 of it, tuple string item 0 of item 1 of item 0 of it, tuple string item 5 of item 1 of item 0 of it) of ((item 0 of it, values of item 1 of it) whose (item 0 of it = (it as time) of tuple string item 0 of item 1 of it) , computer of item 1 of it) of (maxima of (it as time) of tuple string items 0 of values of results of it, results of it) of property 1 of fixlet 21 of bes site whose (name of it = “Trend Core Protection Module”)”
The virus detection notification and its lack of detail has been an on-going issue for us and we’ve explored many options on how to provide more detail in the e-mail alerts. Nothing really panned out until now. This customized report is EXACTLY what we’ve been looking for for the last 2 months. I think many CPM customers would be very happy to have this more detailed report and it might even be beneficial to offer this as an out-of-the-box option with CPM. Thanks very much, Sminisini!
Thank you very much for taking the time to work through this and define such an excellent report. I will take a look at this in a bit more detail and see what we can do about making this a canned report. In the meantime, what other report types are people looking for? Feel free to either share here or contact me directly. Either way, this would be an excellent way for us to work on improvements to the product to make it better for you!
Spot on, thanks Sminisini - report is what we’ve been after since moving from Bigfix AV to Trend - saves time having to refer back to the CPM dashboard looking for the infected file and remediation action.
Spot on, thanks Sminisini - report is what we’ve been after since moving from Bigfix AV to Trend - saves time having to refer back to the CPM dashboard looking for the infected file and remediation action.
I’ve attached a new version of the report which has the user name included in the email alert. I have not included the user name in the normal report as it would only report the currently logged in user and that may be different to the one that was logged in at the time of infection.
Hi sminisini, great addition to a very useful report…just testing the new report and having a problem with the output. Scheduled to run when the report changes, report is emailed but no content appears apart from the name of the report - have attached a screenshot.
Recently upgraded to v8 and running Outlook 2007…have you had success running the same software?
I haven’t tested the report in v8 yet, have you tried the latest report (with the username) or the original one? The report with the username may not be the best to use.
Very nice report…thank you! I was wondering if it can be edited to not include “Passed a potential Security Risk” items…so basically only include fails such as clean fail, delete fail, move fail…that type of thing. Also we have company names setup as retrieve properties…would a value of a specific retrieve property that stated Company Name be able to be added easily? Any help with this would be great. Thanks for all you have done.
I’ve modified the report (email and normal report) so it doesn’t include the “Passed a potential security risk” messages. I’ve also integrated the BES property “Location By Subnet” as an example on how you could integrate your custom retrieved property in the report.
This report has not been tested in version 8 nor has it been tested with the scheduled tasks however I would think this report would work fine in v7.
Thanks
(Please email me directly if you need help changing the property to your own custom one).
I know this thread is several months old, but I’d be very interested in getting the last version of the report mentioned. The one that wouldn’t upload. Or if there is something newer, that would be great. Thanks!