Dan Massameno 0 Posted February 25, 2017 Posted February 25, 2017 The Functionality/Protection problems dynamic group template seems to have all the settings and more of the Functionality/Protection Status template and the Functionality/Protection Status of computer template. Is the Functionality/Protection Status template and the Functionality/Protection Status of computer template legacy templates from prior versions of ERA? If yes, now that we have ERA 6.4, should we just stick with the newer Functionality/Protection problems template and ignore the other two? Thank you.
Dan Massameno 0 Posted February 27, 2017 Author Posted February 27, 2017 For instance, Functionality/Protection Status of computer has the subclass Status. Functionality/Protection Status has the subclass Status and Source. Functionality/Protection problems has the subclass Status and Source and Problem and Feature. It seems like Functionality/Protection problems came along later in the evolution of the product and makes the other two obsolete.
ESET Staff MichalJ 434 Posted February 27, 2017 ESET Staff Posted February 27, 2017 Are you referring to symbols (the values, from which you can create a dynamic group template by yourself)? Could you illustrate them on the screenshot? AFAIK all of the values available are working, reason why there are some that might look like "overlaps" / duplicates are, that you can combine various to reach the functionality you want / need. Out of curiosity, for what in particular you use those particular symbols? Are you filtering something in particular or automating something in particular?
Dan Massameno 0 Posted February 27, 2017 Author Posted February 27, 2017 I don't know what the "symbols" are that you are referring to. I was referring to the Dynamic Group Templates (DGTs) in ERA Server. Screen shot attached. For example, Functionality/Protection problems, Functionality/Protection Status and Functionality/Protection Status of computer all have a of subclass "Status" (see screen shot.) The available options to match on for all three items are Malfunction, OK, Security notification and Security risk. It seems like these are complete duplicates of each other and would (probably) produce the same result.
ESET Staff MartinK 384 Posted February 27, 2017 ESET Staff Posted February 27, 2017 Functionality/Protection status: status of specific ERA components managed by AGENT, including Operating system status. This log will contain both OK and also RISK/MALFUNCTION entries. Functionality/Protection problems: basically it is subset of previous one, where only RISK/MALFUNCTION (non-OK) entries are listed, and they are listed with more details if available. Functionality/Protection status of computer: contains status of worst functionality problem detected. For example if previous logs were not reporting any issue, overall status of computer is OK. Otherwise it will be worst status from previous issues. My recommendation is to create report template (reports) with the same data fields and compare results for various computers.
ESET Staff MichalJ 434 Posted February 27, 2017 ESET Staff Posted February 27, 2017 (edited) Just to add a bit of an explanation to my confusing language. "symbols" are individual conditions, entries, that could be used in dynamic group template / report template creation, Basically each one of the entries, in the dialog that pops up when you click "add rule" is internally called a "symbol". Thanks MartinK for detailed explanation. AFAIK we are working on extending the documentation with data, that would include descriptions of all possible values in the DG template creation wizard. I have checked with the KB team, and updated article is here: http://support.eset.com/kb3741/ Edited February 27, 2017 by MichalJ
Recommended Posts