Anyone have a custom report that can audit a specific .exe usage? I’d like to generate a report on “runas.exe” usage with computer and username and date.
We currently have an overnight wake-up process of our workstations that occurs which allows any dormant machines to get needed updates. Our current configuration is to be be able to identify processes are running and keep the clients online until it is identified that the processes have completed.
In the case of the SEP client, is it possible to identify at the local client level or possibly with an API, when the client is updating definitions and when it has successfully completed updating so the workstations can be powered down again.
I have this issue, In the client where I am using a Web prevent server to monitoring traffic and they have 3 bluecoat proxy and a F5 load balancer between the Web prevent Server, weeks ago upgrade to version 14.6 MP1 for the compatibility with the version of SGOS 6.6.x of the proxy.
For do some testing only one of the proxy SG is configured to send the ICAP traffic for dlp server and remove all the categories leaving only 2 web page, dlptest.com and www.fastmail.com, in one computer set the ip of the proxy and create 1 or 2 rules with keywords only but is not creating incident when open the mail via https or http via dlptest.com
Its possible that the F5 still generade a problem?
In the WebPrevent_Access0.log see the traffic for this two page
Is any Troubleshooting possible?
10.99.220.162 “V2luTlQ6Ly9DQVNBX0NFTlRSQUwvQzA1MjA4” 12/jul/2017:15:28:57:365-0300 “GET https://www.fastmail.com/events/ HTTP/1.1″ 204 468 “” “Mozilla/5.0
10.99.220.162 “V2luTlQ6Ly9DQVNBX0NFTlRSQUwvQzA1MjA4” 12/jul/2017:15:31:57:904-0300 “POST https://www.fastmail.com/api/ HTTP/1.1″ 204 796 “” “Mozilla/5.0
10.99.220.162 “V2luTlQ6Ly9DQVNBX0NFTlRSQUwvQzA1MjA4” 12/jul/2017:15:22:33:158-0300 “POST https://dlptest.com/https-post/ HTTP/1.1″ 204 6600 “” “Mozilla/5.0
10.99.220.162 “V2luTlQ6Ly9DQVNBX0NFTlRSQUwvQzA1MjA4” 12/jul/2017:15:22:35:467-0300 “POST https://dlptest.com/https-post/ HTTP/1.1″ 204 11988 “” “Mozilla/5.0
I’m currently looking at this KB as my procedure to the migration from embbeded to SQL,
But I noticed that’s been outdate since August of 2012. Is this still the correct migration procedure for SEPM 12.1.6mp6? Or there’s another KB that I need to look at.
This is the summary of the KB:
1. Backup the database
2. Uninstall the SEPm
3. Install SEPM
4. Import JKS Keystore
5. Run the backup and restore wizard and restore the backup file.
Actually we have 2 GSS servers in our environment. The first one is using for testing/pilot, etc. (i.e. for testing 3.2 RU1) and the second is the one used in production.
Sometimes we create and jobs in our testing environment and, after testing, we export *.bin files and import in the production server.
But sometimes we need to create jobs directly in production so, at the end, we can have different jobs in the two servers, or same name jobs but different content.
So, do you know some easy way to synchronize the jobs for these servers? I think I can schedule export/import but importing a job with the same name looses its history for computers.
Any idea would be very appreciated.