Jump to content

InfosecAtom

Members
  • Content Count

    4
  • Joined

  • Last visited

Profile Information

  • Location
    USA

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. That is precisely what we seek to do. When an agent gets installed, but with an improper config, then we want to be able to detect that the agent is not healthy. Short of it's absence in ESMC, we don't have a way to identify that.
  2. I am aware of the diagnostic files that reside in C:\ProgramData\ESET\RemoteAdministrator\Agent\EraAgentApplicationData\Logs but I am curious whether EMA has any command line functionality that dumps status data which is similar to that found in the status.html file of the above directory? My reason for asking is devising an easy way to assess health of the agents in an automated manner on endpoints (i.e. pick-out non communicative endpoints) using an endpoint configuration management solution. Would scraping the status HTML be the only way? Or is there indeed a command line method of interact
  3. It was a Windows 10 endpoint, so it would not be vulnerable. It was flagging only on the attempt. I figured out what the issue was, I falsely believed that program name was supposed to be a IDS exception rule name. Removing all input from the program name field resolved my issue.
  4. I am getting these alerts from our vulnerability scanner in ESMC, despite having created an IDS exception policy to not alert or log on scans from the vulnerability scanner. Am I supposed to be creating the exception elsewhere to avoid all endpoints filling my detections log with all these events?
×
×
  • Create New...