Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 5 replies
  • Subscribers 1 subscriber
  • Views 4724 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

End point 'Up To Date' notification period - customise?

Craig_IT

Hi Everyone,

New to the forums in search of some support that I haven't had any luck finding via the knowledge base.

Basically my endpoints are set to update every 120 minutes (every 2 hours / 12 times a day) as a lot of our workstations are turned on / used at different times through the day, so this hopefully captures as many as we can.

My problem is that even though they are getting updated every two hours, I will always have between 40 and 100+ endpoints listed as "Not since...." in the up to date column and it hasn't even been 2 hours from the date and time they list.  For example, they will say "Not since 14/09/10 10:15:13 AM" and the actual time is 11:30am on the same day.  This causes the "Out Of Date Computers" statistic on the EC dashboard to be grossly inaccurate and is no good for reporting or any kind of real troubleshooting / diagnosis of PCs truly out of date by more than a day / week / etc.

Is there a way to customise the period for the EC to determine what is out of date and what is not, a configuration setting somewhere or a file you can modify some parameters for?

Thanks,

Craig

PS...this is Sophos Enterprise Console 4 for anyone wondering....thanks.

:5015


This thread was automatically locked due to age.
Parents
  • 0

    Hello and welcome, Craig

    To answer your question first: I believe the value is not configurable.

    If you take a closer look you will notice, that the "Not since" field contains only "discrete" values - it tells you the time when the oldest update which the computer has not yet applied became available. Now one could argue that SEC should take the updating interval into account and therefore not report the computer as out of date before this interval has expired.

    But that's not the intended purpose of this column. If you click Protection on the Dashboard you get a list of connected computers (the indicator is still - SEC4.5 - in error as it sometimes shows computers as connected which haven't reported back for months) which have not yet the latest package (or IDEs) applied. This is an important information if you want to assure that the client has the latest protection data (the number of IDEs is not the perfect indicator).     

    To get the PCs which are "really" out of date just sort the Up to date column (selecting the respective computers and using Edit->Copy you can export the list as tab-delimited file for further processing).

    Christian

    :5021
Reply
  • 0

    Hello and welcome, Craig

    To answer your question first: I believe the value is not configurable.

    If you take a closer look you will notice, that the "Not since" field contains only "discrete" values - it tells you the time when the oldest update which the computer has not yet applied became available. Now one could argue that SEC should take the updating interval into account and therefore not report the computer as out of date before this interval has expired.

    But that's not the intended purpose of this column. If you click Protection on the Dashboard you get a list of connected computers (the indicator is still - SEC4.5 - in error as it sometimes shows computers as connected which haven't reported back for months) which have not yet the latest package (or IDEs) applied. This is an important information if you want to assure that the client has the latest protection data (the number of IDEs is not the perfect indicator).     

    To get the PCs which are "really" out of date just sort the Up to date column (selecting the respective computers and using Edit->Copy you can export the list as tab-delimited file for further processing).

    Christian

    :5021
Children
No Data
Unfiltered HTML