m.gospodinov
Members-
Posts
8 -
Joined
-
Last visited
-
m.gospodinov reacted to a post in a topic: dynamic groups expressions, update antivirus on list of computers, delete a trigger
-
MichalJ reacted to a post in a topic: dynamic groups expressions, update antivirus on list of computers, delete a trigger
-
10. Dashboard > Computers > Security risk > Detailed information - I get a list with computers that have a problem. Most just require restart but others have different problems. Is there a way to separate them or at least add a field with the problem? Right now I have to click on each of these computers to see details and then go to alerts, which is extremely time consuming. p.s. I found it - Dashboard > Top computer problems > Expand the field > Table view.
-
m.gospodinov reacted to a post in a topic: dynamic groups expressions, update antivirus on list of computers, delete a trigger
-
Yes, "I want to deactivate installed ESET products" is checked by default and I don't uncheck it. I logged into https://ela.eset.com/ with our account and was able to resolve the problem by checking individual computer names. The "problem" was that some of the oldest machines were not using a license, probably my predecessor has cleaned them. So that's ok. 9. BUT! 😁 From the dashboard I exported a list of machines that had never connect to the security management center. Then I put that list to powershell so I can check when these machines have connected to the active directory. Now I have a list of stale computers that haven't connected for more than 90 days and I want to remove them from the security management center (ERA). The problem is that I have a .txt file with the names and there's no option to run a task against that .txt file. The computers are not that much so I'll delete them one by one, but it would be a nice option to have.
-
m.gospodinov reacted to a post in a topic: dynamic groups expressions, update antivirus on list of computers, delete a trigger
-
m.gospodinov reacted to a post in a topic: dynamic groups expressions, update antivirus on list of computers, delete a trigger
-
m.gospodinov reacted to a post in a topic: dynamic groups expressions, update antivirus on list of computers, delete a trigger
-
m.gospodinov reacted to a post in a topic: dynamic groups expressions, update antivirus on list of computers, delete a trigger
-
That did it, thanks! Still it would be nice to add checkboxes to each of the lines in the attached image and export them all at once. Now that explains a lot! As I suggested, the filters looked at a different scope but I never thought that difference would be just another ESET software on the client computer. I'll play again with dynamic groups later. 8. Now I'm removing offline computers but I don't see change in the number of licenses. What I'm doing is this : find the computer by name > click on it and then click on "Remove" > click on "stop managing" > click on "remove device". The number of used licenses doesn't change.
-
This doesn't work : Installed software . Application version is not one of {7.1.2053.0} This works : OS edition . OS name is not one of {Microsoft Windows XP Professional} Also. This gives me any results as if not filtered at all : Installed software . Application version doesn't contain 7.1.2053.0 This gives me filtered results, yet not complete, as mentioned before : Installed software . Application name = (equal) ESET Endpoint Antivirus Installed software . Application vendor = (equal) ESET, spol. s r.o. Installed software . Application version doesn't contain 7.1.2053.0 I really can't grasp the logic behind these filters. Is there a thorough guide on using them? 7. Another problem I just came upon. When I check the dashboard > overview > security risks there are some machines. Most of them just require a restart. How can I export a list of these machines so I can put it to powershell to restart at a convenient time?
-
Hello and thanks for the tips. 1. I tried with nested groups. First filtered all computers that are not XP or Server. When I sort the results by "Security Product Version" I see there are some that have an older version that 7.1.2053.0. Then I create a sub group with just these two expressions : Installed software . Application name = (equal) ESET Endpoint Antivirus Installed software . Application version doesn't contain 7.1.2053.0 Again only the same four computers. Is it possible that the filters applied are somehow not working or searching a different scope? Just to experiment I try creating a brand new dynamic group and playing with expressions. When I try : Installed software . Application version ≠ (not equal) 7.1.2053.0 OR Installed software . Application version doesn't contain 7.1.2053.0 I get results that contain computers WITH 7.1.2053.0 version. Why? 2. My list of computernames is a .txt file. They have agent and an older antivirus version (7.0...) installed. I want to upgrade them to 7.1.2053.0. According to your answer to point 5, I can use the RemoteDeploymentTool to run the installation onto this .txt file is that right? 3 and 4. That's exactly what I was looking for, thanks. 6. When I use the dashboard to check computers sorted by antivirus version, click on "detailed information" and then on the applied filters, I have an option to add another filter. The problem is that I don't have an option to add filter by OS version. It would be nice to have that.
-
Hello. I'm currently learning how to operate security management center and I have several problems with basic functionality. 1. When I look at the dashboard, there are a lot of computers(total 141) that don't have the latest antivirus version - 7.1.2053.0. Mainly they are with 7.0.2091.0, 7.0.2100.4 and 7.1.2045.5. I create a template for a dynamic group that contains the following expressions/rules : Installed software . Application name = (equal) ESET Endpoint Antivirus Installed software . Application version doesn't contain 7.1.2053.0 OS edition . OS name doesn't contain Microsoft Windows XP Professional But in the dynamic group appear only four computers. I also tried this way, but again the same four computers : Installed software . Application name = (equal) ESET Endpoint Antivirus Installed software . Application vendor contains ESET Installed software . Application vendor = (equal) ESET, spol. s r.o. Installed software . Application version doesn't contain 7.1.2053.0 OS edition . OS name doesn't contain Microsoft Windows XP Professional 2. The second problem is that I can't find how to push a task to a list of computer names, only to groups. 3. The third problem is that I can't find how to delete a trigger. I have two tasks that are being executed on one of my dynamic groups and I want to remove the execution of one of them without deleting the task itself. 4. Where can I see a particular task on what groups/triggers is being executed? That's all for now but I'm sure more questions will pop up as I continue to clean the mess of my predecessor. p.s. 5. another question - what will happen if I run the RemoteDeploymentTool and install the latest version if there is already a previous version installed?
-
m.gospodinov reacted to a post in a topic: The status for driver eelam (eelam) remains Stopped
-
Hello. I recently noticed something strange on several of our servers. In event viewer there's the following entry : "The status for driver eelam (eelam) remains Stopped. Additional Driver Information: Startup type: Automatic Executable: \SystemRoot\system32\DRIVERS\eelam.sys". The file itself is where it should be. There is also a registry path HKLM\SYSTEM\CurrentControlSet\Services\eelam but no "eelam" service in "services.msc". When I try to change the startup type in the registry, I get an error, so I suppose it's some kind of ESET defence. So why is this service not listed where the other services are? Why it's set to start automatically but it doesn't actually start? Server is 2012R2 (with updates) and File security is 7.0.12018.0.