Jump to content

ESET Direct Endpoint Management Reports


Recommended Posts

On 6/15/2020 at 8:14 PM, MarcDaft said:

Just Wondering if any of you are using the ESET Direct Endpoint Management plugin and have done any nice reports.

Strangely enough I did just edit the Antivirus Health report in the Report Center recently to show threat data from DEM and also show scanners out of date if the Last Contact is newer than av definition date.

Attached is the report file

I can't remember if this was a custom view so just in case its using v_plugin_eset_dem_endpoints_threatlogs as a datasource

and here is the view

DELIMITER $$

ALTER ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `labtech`.`v_plugin_eset_dem_endpoints_threatlog` AS 
SELECT
  `peet`.`DateOccurred`  AS `DateOccurred`,
  `vxc`.`ClientID`       AS `clientID`,
  `vxc`.`ClientName`     AS `clientName`,
  `vxc`.`LocationID`     AS `locationID`,
  `vxc`.`LocationName`   AS `locationName`,
  `vxc`.`ComputerName`   AS `ComputerName`,
  `peet`.`ThreatType`    AS `ThreatType`,
  `peet`.`ThreatName`    AS `ThreatName`,
  `peet`.`Severity`      AS `Severity`,
  `peet`.`ScannerID`     AS `ScannerID`,
  `peet`.`ModuleVersion` AS `ModuleVersion`,
  `peet`.`ObjectType`    AS `ObjectType`,
  `peet`.`ObjectUri`     AS `ObjectURI`,
  `peet`.`ActionTaken`   AS `ActionTaken`,
  IF((`peet`.`ThreatHandled` = 1),'Yes','No') AS `Handled`,
  `peet`.`UserName`      AS `UserName`,
  `peet`.`ProcessName`   AS `ProcessName`
FROM (`labtech`.`plugin_eset_endpoint_threatlog` `peet`
   JOIN `labtech`.`v_xr_computers` `vxc`)
WHERE (`peet`.`ComputerID` = `vxc`.`ComputerID`)$$

DELIMITER ;

 

Antivirus Health.repx

Edited by Mathesonian
Link to post
Share on other sites
On 6/23/2020 at 3:03 AM, Mathesonian said:

Strangely enough I did just edit the Antivirus Health report in the Report Center recently to show threat data from DEM and also show scanners out of date if the Last Contact is newer than av definition date.

Attached is the report file

I can't remember if this was a custom view so just in case its using v_plugin_eset_dem_endpoints_threatlogs as a datasource

and here is the view


DELIMITER $$

ALTER ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `labtech`.`v_plugin_eset_dem_endpoints_threatlog` AS 
SELECT
  `peet`.`DateOccurred`  AS `DateOccurred`,
  `vxc`.`ClientID`       AS `clientID`,
  `vxc`.`ClientName`     AS `clientName`,
  `vxc`.`LocationID`     AS `locationID`,
  `vxc`.`LocationName`   AS `locationName`,
  `vxc`.`ComputerName`   AS `ComputerName`,
  `peet`.`ThreatType`    AS `ThreatType`,
  `peet`.`ThreatName`    AS `ThreatName`,
  `peet`.`Severity`      AS `Severity`,
  `peet`.`ScannerID`     AS `ScannerID`,
  `peet`.`ModuleVersion` AS `ModuleVersion`,
  `peet`.`ObjectType`    AS `ObjectType`,
  `peet`.`ObjectUri`     AS `ObjectURI`,
  `peet`.`ActionTaken`   AS `ActionTaken`,
  IF((`peet`.`ThreatHandled` = 1),'Yes','No') AS `Handled`,
  `peet`.`UserName`      AS `UserName`,
  `peet`.`ProcessName`   AS `ProcessName`
FROM (`labtech`.`plugin_eset_endpoint_threatlog` `peet`
   JOIN `labtech`.`v_xr_computers` `vxc`)
WHERE (`peet`.`ComputerID` = `vxc`.`ComputerID`)$$

DELIMITER ;

 

Antivirus Health.repx 239.37 kB · 2 downloads

Thanks I'll take a look.

Link to post
Share on other sites
  • 2 months later...
  • 1 month later...

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...