I am running AdminKit 6.0.1591 with several Windows Servers Enterprise Edition 6.0.2.551. When I click on a server in the AdminKit and go to the protection tab, I can see that some viruses have been detected. However when I run a "Virus Activity Report" these servers do not show up in the report. I have double checked the dates that the report runs to ensure they cover the time the viruses were detected. This was also happening before I upgraded to enterprise edition MP1.
I have an Enterprise Edition Policy and all the reports settings are on default which is "informational events" which should include virus detections but these are still not showing up in the reports.
Any help/pointers will be appreciated.
m.
Full Version: Detected viruses not reflected in Virus Activity Report
*BUMP*
We are also having this issue. Does anyone have any ideas?
The problem also occurs when generating a 'Report of the most infected desktops'.
Cheers!
We are also having this issue. Does anyone have any ideas?
The problem also occurs when generating a 'Report of the most infected desktops'.
Cheers!
i have the same problem exactly, i have administration server version 6.0.1591, can any body help please ??
I would like to know this too!!
Hello,
Events are not sent to the Administration Server or they are not saved in the database.
You can force registering of events related to detection or disinfection of viruses, you can read this FAQ for further details: http://support.kaspersky.com/faq/?qid=208279573
Do not forget to lock settings changed.
Events are not sent to the Administration Server or they are not saved in the database.
You can force registering of events related to detection or disinfection of viruses, you can read this FAQ for further details: http://support.kaspersky.com/faq/?qid=208279573
Do not forget to lock settings changed.
QUOTE(Tybilly @ 20.10.2008 23:16) 
Hello,
Events are not sent to the Administration Server or they are not saved in the database.
You can force registering of events related to detection or disinfection of viruses, you can read this FAQ for further details: http://support.kaspersky.com/faq/?qid=208279573
Do not forget to lock settings changed.
Events are not sent to the Administration Server or they are not saved in the database.
You can force registering of events related to detection or disinfection of viruses, you can read this FAQ for further details: http://support.kaspersky.com/faq/?qid=208279573
Do not forget to lock settings changed.
i already found the optioon for registering the Events in administration server enabled.
do you have any other idea? ??
i had to tell you something also, may be it will be useful,. this problem happened only after i update the Administration server to the version 6.0.1591 .
QUOTE(mlpotgieter @ 16.09.2008 19:29)
I am running AdminKit 6.0.1591 with several Windows Servers Enterprise Edition 6.0.2.551. When I click on a server in the AdminKit and go to the protection tab, I can see that some viruses have been detected. However when I run a "Virus Activity Report" these servers do not show up in the report. I have double checked the dates that the report runs to ensure they cover the time the viruses were detected. This was also happening before I upgraded to enterprise edition MP1.
I have an Enterprise Edition Policy and all the reports settings are on default which is "informational events" which should include virus detections but these are still not showing up in the reports.
Any help/pointers will be appreciated.
m.
I have an Enterprise Edition Policy and all the reports settings are on default which is "informational events" which should include virus detections but these are still not showing up in the reports.
Any help/pointers will be appreciated.
m.
First of all, do you see these events about found viruses in AdminKit events queries (node Events -> Critical)? How old are they?
QUOTE(Lashchenkov @ 21.10.2008 10:15)
First of all, do you see these events about found viruses in AdminKit events queries (node Events -> Critical)? How old are they?
if i go to %myAdminkitServer% > Right Click > properites > Events > and when i choose "Critical" from the drop down menu, i don't see any thing called "found virus".
all what i see is "licencse restricyion for this license key expired" , "viurs outbreak", "hots is out of control", "computer status "critical".
this is all what i see in this area (if you mean this area in your quetion),
if you mean from where i know that there is a virus found, i can tell you that i find the number of viruses found under the column "virus" when i view the clients in the group. it just show me number (for example, 2, 20 ..) and when when i check the software on the client i find that it's alreday catch a virus.
hope this will help you, i tried to make it very clear.
QUOTE(negm01 @ 21.10.2008 11:26)
if i go to %myAdminkitServer% > Right Click > properites > Events > and when i choose "Critical" from the drop down menu, i don't see any thing called "found virus".
all what i see is "licencse restricyion for this license key expired" , "viurs outbreak", "hots is out of control", "computer status "critical".
this is all what i see in this area (if you mean this area in your quetion),
if you mean from where i know that there is a virus found, i can tell you that i find the number of viruses found under the column "virus" when i view the clients in the group. it just show me number (for example, 2, 20 ..) and when when i check the software on the client i find that it's alreday catch a virus.
hope this will help you, i tried to make it very clear.
all what i see is "licencse restricyion for this license key expired" , "viurs outbreak", "hots is out of control", "computer status "critical".
this is all what i see in this area (if you mean this area in your quetion),
if you mean from where i know that there is a virus found, i can tell you that i find the number of viruses found under the column "virus" when i view the clients in the group. it just show me number (for example, 2, 20 ..) and when when i check the software on the client i find that it's alreday catch a virus.
hope this will help you, i tried to make it very clear.
Do you have a policy for this product or do you use local settings? Please provide the screenshots of "Events" tab (select Critical events in combobox there) from that policy and from the product settings on that computer.
QUOTE(Lashchenkov @ 21.10.2008 10:44)
Do you have a policy for this product or do you use local settings? Please provide the screenshots of "Events" tab (select Critical events in combobox there) from that policy and from the product settings on that computer.
kindly find the attachment
QUOTE(negm01 @ 21.10.2008 10:58)
kindly find the attachment
kindly find the attachment 2
QUOTE(negm01 @ 21.10.2008 10:00)
kindly find the attachment 2
I think I might know why this occurs.
If the KAV detects a threat the very first time it starts, after the installation is done, before the policy through the agent is applied, this could happen.
The threat info is transferred to the backup directory because of the settings in the remote install package, but the policy for the critical action in the eventtab hasn't been applied yet.
The same kind of problem occurs when the computer has been off for a while and you turn it on again.
If the policy is set to send you a warning message when the signature is 2-7 days old, the message goes away before the updater task has run.
This is very annoying since almost all workstations are turned off during weekends and the "signature out-of-date" event occurs at startup.
And having an updater task as soon as you start you machine without a delay isn't nice either.
It's just a guess, but I believe I have experienced this a couple of times.
QUOTE(negm01 @ 21.10.2008 12:00)
kindly find the attachment 2
This is not what I asked for. Once again. Which product founds viruses? Do you have a group policy in AdminKit for this product? If yes, please provide screenshots of its settings (including number of days to store events in DB and "lock" state). And please also provide screenshots of the Events page in the settings of THIS anti-virus product (not AK server, as you have attached in this post).
QUOTE(stelben @ 21.10.2008 11:56)
I think I might know why this occurs.
If the KAV detects a threat the very first time it starts, after the installation is done, before the policy through the agent is applied, this could happen.
The threat info is transferred to the backup directory because of the settings in the remote install package, but the policy for the critical action in the eventtab hasn't been applied yet.
The same kind of problem occurs when the computer has been off for a while and you turn it on again.
If the policy is set to send you a warning message when the signature is 2-7 days old, the message goes away before the updater task has run.
This is very annoying since almost all workstations are turned off during weekends and the "signature out-of-date" event occurs at startup.
And having an updater task as soon as you start you machine without a delay isn't nice either.
It's just a guess, but I believe I have experienced this a couple of times.
If the KAV detects a threat the very first time it starts, after the installation is done, before the policy through the agent is applied, this could happen.
The threat info is transferred to the backup directory because of the settings in the remote install package, but the policy for the critical action in the eventtab hasn't been applied yet.
The same kind of problem occurs when the computer has been off for a while and you turn it on again.
If the policy is set to send you a warning message when the signature is 2-7 days old, the message goes away before the updater task has run.
This is very annoying since almost all workstations are turned off during weekends and the "signature out-of-date" event occurs at startup.
And having an updater task as soon as you start you machine without a delay isn't nice either.
It's just a guess, but I believe I have experienced this a couple of times.
i don't think so, because this is not DELAY in reflecting the viruses in Virus Activity Report, even afetr a week, a month, it will not show any thing in Virus Activity Report.
QUOTE(negm01 @ 21.10.2008 11:34)
i don't think so, because this is not DELAY in reflecting the viruses in Virus Activity Report, even afetr a week, a month, it will not show any thing in Virus Activity Report.
negm01, I couldn't let this issue just disappear in the sand...
Are you sure that it's not an adware or spyware that is detected?
They are only warning messages and not included in the virus activity report.
Check to see if you can find them on the Admin server under events-warnings.
Just a thought.
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.