QuestionPerson
Posts posted by QuestionPerson
-
On Linux: I was wondering whether ESET Endpoint Security logs event messages to syslog, and if it does not do so by default, whether it is possible to configure it to use syslog?
-
Thank you for the swift reply, Marcos!
7 minutes ago, Marcos said: You'd need to enable logging of all scanned files. This is possible only on Windows.
How would I enable this on Windows? Can you confirm that, on Linux, there is no entry to be found in an exported xml config file that would enable the listing of all scanned files?
10 minutes ago, Marcos said: Not sure what other information you'd expect.
Right now I'm still learning about ESET and looking for all the information I can retrieve from the logs.
As you rightly stated though, the detection log really should have all I need. However, a list of scanned directories and items would still be important to have in my use case.
-
Hi,
I'm looking into ESET on-demand scans on Linux, and am trying to figure out how to retrieve the details of an on-demand scan.
Specifically, I have a directory filled with a couple of random files and directories, including two Eicar test files. So far I am using <lslog> with parameters <--scans --with-log-name> to get a scan's log name, followed by <lslog> with parameters <--ods-details> and <--ods-detections>. This yields a scan's basic duration and detection information.
However, I am looking for:
- A list of all files and directories that have been scanned. Right now, the <--ods-details> output merely lists the top folder that I asked ESET to scan. I'm looking for a list of all (sub-)folders and all files that ESET actually did scan.
- Detection details. In this thread the log yields much more detailed information about an encountered threat. I was wondering where/how I might retrieve this information for threats encountered during an on-demand scan.
- More verbose output. Specifically, I was looking at an exported (to xml) config file and found three fields of interest: <Settings/Log/SyslogFacility> (default: 5), <Settings/Log/MinimumLogVerbosity> (default: 8), and <Plugins/ODScand/LogAllEnable> (default: 0). What are these? What values are accepted? How can I set these in order to have ESET yield more verbose logging information? What additional information is available?
ESET Endpoint Security interface to syslog
in ESET Endpoint Products
Hi Peter,
Thanks for the reply, I'm very happy to hear that this works!
Could I trouble you for some details? I found the following in the exported ESET .xml configuration:
How would I set/change these values to - for example - see the results of the latest on-demand scan?
Also, how/where would I be able to see the syslog messages? My machine is running rsyslog and it's probably very easy to do, but I never used it before o_O
And, finally: Does the syslog logging depend on having an activated license? (I'm waiting for mine as we speak and want to make sure I'm not looking for something that won't work until ESET is activated.)
Cheers,
Fabian