BrianMorris

I like that idea! I second the motion

For me, the more important part of the infection/alert notification emails is URI (Uniform Resource Identifier), but I can't find a way to add it. When I get an email notification, I can add all the other fields that I need EXCEPT URI.

We get many calls where a user is blocked from doing something (like copier scanning) because the ESET firewall is set to Public. I don’t think that we can see or control this in the Cloud Console. I request that we at least be able to see whether the endpoint of Public or Home/Office in the Console.

Yep, that’s right. You saw that you have a few options on how to create that exclusion, too (hash, file name).

Syncro MSP recently released a forum and it has an API for the Discourse app for mobile phones. I find it much easier to interact in the forum in free time if I could in an app. Is there a way to do that with this forum or can I request that you enable Discourse intregration?

I figured I'd jump in for fun! I tried to test for the vulnerability: (as Marcos keeps saying, they don't use log4j; also, if an endpoint tries to USE the exploit, it will be stopped -- that's cool)

Mike, Assuming that you are using ESET CLOUD, try again with the new v3. It is much easier to set up now. I do get email alerts successfully.

That green dot seems to be new in the ESET CLOUD. I have it there right now when I look. In the past, I would just compare the Last Connected time with the current time and use that as my guide.

Thanks everyone at ESET for all of the improvements. I've just been playing some this morning and I see some things that were added/changed that I've been asking for and that have been needed for years. 1 - I can add the file path/name of the detected malware to email alerts 2 - The UI of the customizing of the alert is MASSIVELY improved. 3 - I can UPGRADE a license without needing to suspend, activate, wait for computers to come online, etc. THIS IS HUGE!!!!!!! 4 - EDTD submissions now show on the Computer Detail page What else will I notice?

I think we figured it out. Our Meraki router is blocking something in the download process. OS-WINDOWS Microsoft Windows Win32k elevation of privilege attempt https://snort.org/rule_docs/1-57103 Engineers: watch for others with this problem. I cannot install the ESET agent at the site with a Meraki router right now. I'm working on a workaround.

My scripts for installing the agent stopped working and I can't get the epi_win_live_installer.exe to work that I just generated in ESET CLOUD. It just disappears in the middle of downloading the agent. \ Are there any known issues going on?

Thanks for the reply. Just to reiterate, I have 176 endpoints that should have EDTD. I have them in a group with a policy with EDTD settings. If EDTD fails in some way after activation, I will be alerted. If I forget to activate/enable EDTD, it won't tell me. Could you add a column that is the EDTD status?

When EDTD stops an endpoint from running an unknown file, it puts the details in Detections > Submitted Files in PROTECT Cloud. It DOES NOT put any details in the Detections & Quarantines section in the detail of the endpoint itself in PROTECT Cloud. (See images attached) The practical effect of this is that a client will call that can't run an EXE and we look at the endpoint in PROTECT Cloud and see no evidence that ESET blocked anything. We have to check this other place (Detections > Submitted Files) to double-check. Could you make a new tab called EDTD to Detections & Quarantines area in the endpoint's detail?

Is there a good way to tell if an endpoint has EDTD enabled at a glance? I have some clients that pay more and get EDTD, but I can't figure out how to make sure they have have it activated and on without individually checking each computer.

That's cool that we can customize this -- I didn't realize that. I see that more options have been added:

I believe that the update did fix this. It was really difficult to do things without that! I depend on this feature. Thanks for fixing it.

Thanks for the response! Ok, I re-read what you posted above and you gave me some hints. I found that I can click on the outdated Agent version and click "Update installed ESET products..." and then just tell it to upgrade all of those agents. This is a huge help.

Marcos, I probably wasn't clear enough! Here is an example alert. I want the URI to be included in the email alert. It's not an option to be included in the alert. This is the info that ESET generates (pic).

I would imagine that ESET wouldn't know which page loaded this URL. Similar to this, I have these kind of alerts feed into my PSA via an email alert. I can't find any way to include that URL in the email alert. I think it may be a bug.

FEATURE REQUEST! Could the dev team please just add a column for the Agent Version, just like there is a column for the Security Product version. Right now if I pull a report with older Agent Versions, I literally take a pic with my phone or take screenshot and print it and manually find the assets and update them. It's awful. Adding a column would improve the my user experience considerably!!

I use the Last used Tasks ALL THE TIME, but lately in ESET CLOUD, it has been greyed out. Occasionally it will work, but 90% of the time it's not. I use it for upgrading the agent and upgrading the AV version. Any others having this issue?

So I have 173 end points with EDTD licenses and hundreds of others without EDTD. I have all the EDTD client groups together and have the policy set for them. I wish there was a way for me to add a column in ESET CLOUD to see if EDTD is enabled and running. The only way I can think of to check is to go into each endpoint right now. I could check my license status to see if all of my licenses for EDTD have been used, but this don't always give me what I want (a computer gets Reset and ESET is reinstalled without EDTD for example). Are there any ways that I can accomplish this? If not, can I propose this as a feature request?

Slarkins, I'll help you if you don't get a response from ESET support. Here's their quick guide for upgrading the product version: https://support.eset.com/en/kb7522-update-your-endpoints-remotely-using-the-eset-security-management-center Here's their quick guide for upgrading the agent: https://support.eset.com/en/kb7465-upgrade-eset-remote-administrator-agents-65-or-eset-management-agents-70-to-the-latest-eset-management-agents-71-using-the-components-upgrade-task I know from personal experience how painful and difficult this is. Please post here and we'll all learn together.

Totally agreed on all these points! I have clients that need to be rebooted for over a week sometimes after an update... I'm struggling to figure out why so many of my clients are getting messages about the agent being out-of-date. On my end, it says it's up-to-date. I waited on hold for support for 34 minutes before giving up today.