emed 0 Posted November 9, 2020 Share Posted November 9, 2020 Hi. After update clients to newest versions ( ESET Management Agent 7.2.1266.0 , ESET Endpoint Antivirus 7.3.2044.0) some of them won't send device control log anymore. My ESMC version is: ESET Security Management Center (Server), Wersja 7.2 (7.2.1278.0), ESET Security Management Center (Konsola internetowa), Wersja 7.2 (7.2.230.0). I was trying to reinstall client with no good results. Could you help me to find the solusion form that? Thanks Link to comment Share on other sites More sharing options...
Administrators Marcos 4,933 Posted November 9, 2020 Administrators Share Posted November 9, 2020 Do you have the warning severity set for DC rules? Link to comment Share on other sites More sharing options...
emed 0 Posted November 9, 2020 Author Share Posted November 9, 2020 I set "always" at any of rules. But the problem is that some clients reports correctly and some other dont. They are in the same group with same politics applied (and the same clients versions). It is strange situation . Maybe there is some problems with cache or size od log file. I have no idea where to look for. Link to comment Share on other sites More sharing options...
Administrators Marcos 4,933 Posted November 9, 2020 Administrators Share Posted November 9, 2020 Only records with warning and higher severity are sent to the ESMC server. Link to comment Share on other sites More sharing options...
emed 0 Posted November 9, 2020 Author Share Posted November 9, 2020 So why few clients with "always" severity are sending logs to my server ? I have report created and i get just few of datas which i should see there. Link to comment Share on other sites More sharing options...
emed 0 Posted November 9, 2020 Author Share Posted November 9, 2020 For example i have rules like this. And that rules are applied to groups of computers where few are reportnig and rest not. That is the problem which i couldn't solved. Link to comment Share on other sites More sharing options...
emed 0 Posted November 9, 2020 Author Share Posted November 9, 2020 please take a look at severity, there is various level of logs. Link to comment Share on other sites More sharing options...
Administrators Marcos 4,933 Posted November 9, 2020 Administrators Share Posted November 9, 2020 Still I think that it's necessary to set the warning verbosity for rules, see https://forum.eset.com/topic/18731-how-to-created-device-control-report/. The question is why you have also records with informative verbosity logged. I'd recommend opening a ticket with your local support to find out. Link to comment Share on other sites More sharing options...
Recommended Posts