Jump to content

New to ERA, would like help with dynamic groups


Rob Andrews
 Share

Recommended Posts

Hi all,

 

New to using ERA, im currently looking to create a dynamic group called 'Infected Computers', where any customer computer that detects a threat is moved to. Once in the Infected Computers group, i'd like to set a rule of some sort that automatically runs a scan on the infected device which cleans it, then a rule which runs another scan, and if the computer is then clean, removes it from the Infected Computers group. Can anyone help me with how I can set this up if its possible?

Many thanks,

Rob

Link to comment
Share on other sites

  • ESET Staff

For this purpose, you can use the dynamic group template "computers with active threats". Every time, an un-handled threat is reported (meaning threat, that was not possible to be cleaned / or was not removed by the product directly), computer is added to this dynamic group. 

You can then assign a task "on-demand scan" with "in-depth scan" (profile), set to "strict cleaning" (you can adjust the cleaning settings by policy for Endpoint). That will basically remove any "uncleaned" threats from the machine, by the means of deleting. The task should be set to "joined dynamic group trigger". 

Please note, that "active threats" are not the same as "unresolved threats". Number of unresolved threats includes also the ones, that have been handled, but have not been acknowledged by the administrator (yet) - by marking them as "resolved". This will change in the future, release, where handled threats will be resolved automatically. If you need a further help, please let us know. 

Edited by MichalJ
Link to comment
Share on other sites

Hi Michal,

 

I've had a look in our Dynamic Group Templates list, but no "Computers with active threats" template exists. Do I need to download this template from somewhere? Or manually create it?

 

Thanks,

Rob

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...