Manualshelf

Product guide

ManualsBrandsVMware ManualsComputer equipmentVCENTER CONFIGURATION MANAGER 5.3 - SOFTWARE CONTENT REPOSITORY TOOL GUIDE
51525354555657585960
Monitoring the SVA
Monitor the status of the SVA using the Threat Event Log in ePolicy Orchestrator, or the Health and
Alarms feature in VMware vShield Endpoint.
View the Threat Event Log
Use the Threat Event Log to quickly view and sort through events in the database. You can choose
which columns are displayed in the sortable table. Depending on which products you are managing,
you can also take certain actions on the events.
Task
For option definitions, click ? in the interface.
1
From the ePolicy Orchestrator console, click Menu | Reporting | Threat Event Log.
2
Click any of the column titles to sort the events. You can also click Actions | Choose Columns.
3
From the Available Columns drop-down list, select table columns as needed, then click Save.
4
Select events in the table, then click Actions and select Show Related Systems to see the details for the
systems that sent the selected events.
View the Health and Alarms page
Check the status of the SVA from the Health and Alarms page.
Task
1
From the vSphere Client, select Inventory | Hosts and Clusters.
2
From the resource tree, select a data center, cluster, or ESXi host resource.
3
Click the vShield tab.
4
Click Endpoint.
The vShield Endpoint Health and Alarms page displays the status of the items.
Queries and reports
Use ePolicy Orchestrator queries to view events, run default queries, and create reports.
View events in the Threat Event Log.
Run default queries that show important client information.
Create reports using data sent by the McAfee Agent to the ePolicy Orchestrator database.
For information on how to run a query or report, see the ePolicy Orchestrator product guide.
Queries are questions that you ask ePolicy Orchestrator, which returns answers as charts and tables.
You can export, download, combine queries into reports, and use most queries as dashboard monitors.
You can use predefined queries as is, edit predefined queries, or create queries from events and
properties stored in the ePolicy Orchestrator database. To create custom queries, your assigned
permission set must include the ability to create and edit private queries.
Reports enable you to package one or more queries into a single PDF document, for access outside of
ePolicy Orchestrator.
3
Monitoring and managing your environment
Monitoring the SVA
58
McAfee MOVE AntiVirus (Agentless) 3.6.0 Product Guide