Reporting Log Writer - Provision to Log client status / No of up-to-date computers etc ?

Hello,

We are using SEC version 5.5.0 and have installed Sophos Reporting log writer in the same server where SEC is installed.

Is there a provision in Log writer to log the following data

1) No of clients connected / Up to date computers

2) Latest Update date etc

 

At the moment, what I could see is, it writes a log only when an event is triggered. But I would like to have a log written every 1 hour or so with the above details.

I went through the Log writer guide and could not find any data source for such reporting.

 

Any support here would be much appreciated. Thanks

  • Hi  

    The data which you have above mentioned can't be fetched through log writer. Instead of that, you can use Sophos Reporting Interface through fetching some of the data with your required frequency.

    Using, SRI can't currently get you the information for no. of clients connected but it may be available in the next version with other information like managed, unmanaged and more.

    For up to date computers, it can be possible but not directly through SRI. You need to use Excel pivot to collaborate the different data to get the information for that. It needs to join data from below three data feeds.

    vPackageData - The out-of-logic should follow data fields Expired and ExpiryTime from this data source.
    vComputerPackagMapping
    vComputerHostdata - It contains Computer Name and Computer IP address information.
     
    Out of date computers are those who are linked to a package where Expired is set to true and the ExpiryTime is older than the current time minus pre-defined latency period. The latency period is the expected time for an update downloaded by SUM to propagate to all computers. In SEC it is set by default to one hour but it could be changed if needed.
     
    Please make sure that the out-of-date logic is set to UTC as the ExpiryTime values are in UTC time zone.
     
    For Latest Update, we don't have that feature in our Enterprise console as well, we just have up to date feature in SEC.
     
    This all data source and data field's information are mentioned in this guide.