I am looking for a relevance that gives me the status of startup type of symantec service. Service name is “norton antivirus client”.
The one i tried:
if exist service “norton antivirus client” then ((service name of it & " # " & state of it & " # " & start type of it & " # " & (version of file (substring between “%22” of (Image Path of it)))as string) of service “norton antivirus client”) else "NotInstalled # # # "
But it didn’t work.
Any suggestions would be much appreciated. Thanks in advance!
The results of the inspector "image path of " can vary drastically. Only if the image path has spaces will it be enclosed by quotes (%22), otherwise it will not have quotes at all. Several of the image paths on my system have arguments after the file path, and some of the file paths have environment variables (like %SYSTEMROOT%) which you may have to account for.
You will have to get the results of a system’s
image path of service “norton antivirus client”
and customize the relevance based on its specific results.
Thanks for the Reply Jeremy. The relevance we used to get the ‘state of the service’ is as below and it giving me the expected output :
if (exists service “norton antivirus server”) then (state of service “norton antivirus server”) else (if (exists service “norton antivirus client”) then (state of service “norton antivirus client”) else (if (exists service “symantec antivirus server”) then (state of service “symantec antivirus server”) else (if (exists service “symantec antivirus client”) then (state of service “symantec antivirus client”) else (if (exists service “symantec antivirus”) then (if (state of service “Symantec AntiVirus” = “Running” AND exists running application “rtvscan.exe” whose (version of it >= “11” as version)) then (if (exists key “HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\Symantec Endpoint Protection\AV\Storages\Filesystem\RealTimeScan” whose (value “OnOff” of it = 0) of registry) then “Stopped” else “Running”) else state of service “Symantec Antivirus”) else (if (exists service “navapsvc”) then (state of service “navapsvc”) else “”)))))
As now i need to monitor the ‘startup type’ of the same service, the one tried is as below, however this below i tried by editing the above mentioned relevance:
if (exists service “norton antivirus server”) then (startup type of service “norton antivirus server”) else (if (exists service “norton antivirus client”) then (startup type of service “norton antivirus client”) else (if (exists service “symantec antivirus server”) then (state of service “symantec antivirus server”) else (if (exists service “symantec antivirus client”) then (startup type of service “symantec antivirus client”) else (if (exists service “symantec antivirus”) then (if (startup type of service “Symantec AntiVirus” = “Automatic” AND exists running application “rtvscan.exe” whose (version of it >= “11” as version)) then (if (exists key “HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\Symantec Endpoint Protection\AV\Storages\Filesystem\RealTimeScan” whose (value “OnOff” of it = 0) of registry) then “Stopped” else “Running”) else state of service “Symantec Antivirus”) else (if (exists service “navapsvc”) then (state of service “navapsvc”) else “”)))))
If you see in the 2nd relevance i am not sure what registry value would give me the startup type of Symanctec. whether it would be OnOff or something else??? this where i am stuck…
Please help…If needed i can open a ticket for the same with Bigfix team…if it so then please suggest which should be appropriate team to open a ticket with…
Thanks for posting. But i am not sure where i need to set the service states as it would be in 3 states those are as follows:
1.Automatic
2.Manual
3.Disabled
BTW as per your suggestion, here is the relevance:
if (exists service “norton antivirus server”) then (start type of service “norton antivirus server”) else (if (exists service “norton antivirus”) then (star type of service “norton antivirus”) else (if (exists service “symantec antivirus server”) then (state of service “symantec antivirus server”) else (if (exists service “symantec antivirus”) then (start type of service “symantec antivirus”) else (if (exists service “symantec antivirus”) then (if (start type of service “Symantec AntiVirus” = “Automatic” AND exists running application “rtvscan.exe” whose (version of it >= “11” as version)) then (if (exists key “HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\Symantec Endpoint Protection\AV\Storages\Filesystem\RealTimeScan” whose (value “OnOff” of it = 0) of registry) then “Stopped” else “Running”) else state of service “Symantec Antivirus”) else (if (exists service “navapsvc”) then (state of service “navapsvc”) else “”)))))
if (exists service “norton antivirus server”) then (start type of service “norton antivirus server”) else (if (exists service “norton antivirus”) then (start type of service “norton antivirus”) else (if (exists service “symantec antivirus server”) then (state of service “symantec antivirus server”) else (if (exists service “symantec antivirus”) then (start type of service “symantec antivirus”) else (if (exists service “symantec antivirus”) then (if (start type of service “Symantec AntiVirus” = “Automatic” AND exists running application “rtvscan.exe” whose (version of it >= “11” as version)) then (if (exists key “HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\Symantec Endpoint Protection\AV\Storages\Filesystem\RealTimeScan” whose (value “OnOff” of it = 0) of registry) then “Stopped” else “Running”) else state of service “Symantec Antivirus”) else (if (exists service “navapsvc”) then (state of service “navapsvc”) else “”)))))
You need to register the SWD download plugin on the BES Server. Should be a Fixlet called “BES Server: Register Download Plug-in for Software Distribution” underneath Software Distribution -> Setup in the Systems Lifecycle domain.