Symantec/Norton Antivirus Custom Tasks

(imported topic written by dscheinost91)

I am looking to create custom Tasks/Fixlets to run Norton Antivirus and report its findings back to the Webreports page. Has anyone already created similar tasks/fixlets?

Thanks

Dave

(imported comment written by dscheinost91)

I think that I have figured out how to run a scan by command line switches, but I have not even worked on scraping the logs and sending them to the webreports page. Any ideas? Anyone?

(imported comment written by dscheinost91)

I am trying to get Norton Antivirus to run without displaying the results to the screen… Anyone have any ideas on that? I can get it to run, but it requires manual intervention to click the finish button.

(imported comment written by brolly3391)

Hello Dave and welcome,

It might help if you gave a bit more specifics on what you are trying to do. For example:

I am running Symantec AV 10.1 and I am trying to show any virus alerts in my Web Reports.

On my system the Symantec AV logs are stored in C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Logs and are named by date - 04202007.Log.

Here is a sample log entry:

250314082711,14,2,8,NAME,SYSTEM,16777216,"Symantec AntiVirus services startup was successful.",0,0,0,AVSERVER,{D036AA85-D3DF-4F46-8EC5-8D8201940FD9},XXXX,(IP)-1.1…,WORKGROUP,1.1.1.1,0,

The events I am trying to capture in the log are AV alerts and they look like this:

I know I can view the results of an analysis in my web reports so I am using an analysis to gather the information. The relevance I am using in my analysis is:

lines whose (it as lowercase contains "virus alert") of file "04202007.Log" of folder "C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Logs"

We really do love to help people out but we need a few details to work with.

Cheers,

Brolly
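The same "virus alert" line filter run offline over log text, as an added example that is not part of the original thread. The function names are hypothetical, the alert line is constructed, and the first-field timestamp encoding (six hex octets: years since 1970, zero-based month, day, hour, minute, second) is an assumption that agrees with the 04202007.Log file name.

```python
import csv
from datetime import datetime

# Constructed sample. Line 1 is the entry quoted in the post; line 2 is a
# made-up alert in the same layout (its numeric fields are placeholders).
SAMPLE_LOG = (
    '250314082711,14,2,8,NAME,SYSTEM,16777216,"Symantec AntiVirus services '
    'startup was successful.",0,0,0,AVSERVER,'
    '{D036AA85-D3DF-4F46-8EC5-8D8201940FD9},XXXX,(IP)-1.1…,WORKGROUP,1.1.1.1,0,\n'
    '25031409051E,0,0,0,NAME,SYSTEM,0,"Virus Alert: example text, constructed '
    'for this sample",0,0,0,AVSERVER,'
    '{D036AA85-D3DF-4F46-8EC5-8D8201940FD9},XXXX,(IP)-1.1…,WORKGROUP,1.1.1.1,0,\n'
)


def decode_timestamp(field):
    """Assumed encoding: six hex octets = years since 1970, 0-based month,
    day, hour, minute, second."""
    if len(field) != 12:
        raise ValueError("expected 12 hex digits, got %r" % field)
    y, mo, d, h, mi, s = (int(field[i:i + 2], 16) for i in range(0, 12, 2))
    return datetime(1970 + y, mo + 1, d, h, mi, s)


def find_alerts(log_text, needle="virus alert"):
    """Return (timestamp or None, matching field) for every line containing
    needle, compared case-insensitively like the relevance above."""
    alerts = []
    for line in log_text.splitlines():
        if needle not in line.lower():
            continue
        # csv honours the quotes, so a comma inside the message stays in one field
        row = next(csv.reader([line]))
        text = next((f for f in row if needle in f.lower()), line)
        try:
            when = decode_timestamp(row[0])
        except ValueError:
            when = None  # keep the alert even if the first field is malformed
        alerts.append((when, text))
    return alerts


if __name__ == "__main__":
    for when, text in find_alerts(SAMPLE_LOG):
        print(when, text)
```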

(imported comment written by dscheinost91)

Brolly,

  1. Did you get Norton to run from the Command line to schedule a Full Scan every night?

  2. This may be helpful to get some of the log information to the webreports page; I will have to try it.