AV monitoring script


  • AV monitoring script

    Hi Guys

    I use this script https://scripts.comodo.com/frontend/...iviruss-status to monitor AV on client PCs. It works well, but now with Windows 10 having Defender/Security Essentials enabled by default I am running into issues.

    When I deploy 3rd party antivirus I am getting alerts as below:

    Data: Custom Script Monitor : Standard Output: Windows Defender is disabled and Up-to-date
    ESET Endpoint Antivirus is Enabled and Up-to-date

    What's the best way to overcome this? Can this be edited to not monitor Defender/Security Essentials, or can the alerts be changed so that it alerts if all of the installed AVs are disabled or not up to date?

    Thanks

    Dave





  • #2
    dbettens,

    We have forwarded your output to our Script Developers for review. We'll make sure to inform you of their feedback.



    • #3
      Hi Jimmy

      Actually I have been thinking about this...

      I have sites that have different antivirus solutions, some ESET, some Sophos, etc.

      What I ideally need is a script (or multiple scripts, one for each AV solution) that would check to make sure that the installed AV at the site is enabled and up to date, and then alert if another 3rd party AV is installed, excluding Defender/Security Essentials as this is now included in Windows 10.

      I will then create a separate monitor for each site depending on what AV they use.

      This should then alert me if the site-wide AV is disabled / not up to date or if there is another 3rd party AV installed.

      Hope that makes sense.

      regards,

      Dave



      • #4
        dbettens,

        I see where you're coming from. Having multiple AVs to monitor would require a different kind of set-up. We have coordinated with our Script Developers on how we can achieve your goal. Please provide the vendors of the AV you have on those sites and we'll forward it for analysis.
        Last edited by Jimmy; 10-11-2018, 01:46 PM.



        • #5
          Hi dbettens

          I have updated the script as per your request. It will generate an alert if the third party antivirus is disabled or not up-to-date.

          This procedure supports the list of antivirus mentioned below:

          1. Sophos
          2. AVG
          3. McAfee
          4. Comodo
          5. Symantec
          6. Kaspersky
          7. Avast
          8. Webroot
          9. ESET
          10. Bitdefender Total and Internet Security

          Please refer to the JSON file below.

          20181015-check-antivirus-status.json

          Note:

          Please refer to the wiki guide below to use the custom monitoring script:

          https://wiki.comodo.com/frontend/web...ure-monitoring

          Run the Script as Custom monitoring

          Let me know your feedback.

          Thank you



          • Kristan
            Kristan commented
            This works perfectly in detecting ESET Endpoint Antivirus, thank you!

        • #6
          Thank you Meena, I will test and report back.

          Dave
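
The check requested in post #3 (site AV enabled and up to date, any other third-party AV flagged, Defender/Security Essentials ignored) can be expressed as a filter over the status lines quoted in post #1. This is an added Python example, not the Comodo script attached in post #5; `parse_status`, `evaluate`, the Avast line and the "Out-of-date" wording are assumptions made for illustration.

```python
import re

# Built-in Microsoft products the thread wants excluded from alerting.
BUILTIN = ("windows defender", "microsoft security essentials")
# Line shape taken from the output quoted in post #1: "<name> is <state> and <definitions>".
LINE_RE = re.compile(r"^(?P<name>.+?) is (?P<state>enabled|disabled) and (?P<defs>.+)$", re.I)

def parse_status(output):
    """Map each reported product name to (enabled, up_to_date)."""
    products = {}
    for raw in output.splitlines():
        # Drop the "Data: Custom Script Monitor : Standard Output:" prefix if present.
        line = raw.split("Standard Output:")[-1].strip()
        m = LINE_RE.match(line)
        if m:
            products[m["name"]] = (m["state"].lower() == "enabled",
                                   m["defs"].lower() == "up-to-date")
    return products

def evaluate(output, expected_av):
    """Return alert strings for one site; an empty list means no alert."""
    third_party = {n: s for n, s in parse_status(output).items()
                   if not n.lower().startswith(BUILTIN)}
    site = {n: s for n, s in third_party.items() if expected_av.lower() in n.lower()}
    alerts = []
    if not site:
        alerts.append(f"expected AV not reported: {expected_av}")
    for name, (enabled, current) in site.items():
        if not enabled:
            alerts.append(f"{name} is disabled")
        if not current:
            alerts.append(f"{name} is not up to date")
    for name in sorted(third_party.keys() - site.keys()):
        alerts.append(f"unexpected third-party AV installed: {name}")
    return alerts

# Output as quoted in post #1.
FROM_THREAD = ("Data: Custom Script Monitor : Standard Output: "
               "Windows Defender is disabled and Up-to-date\n"
               "ESET Endpoint Antivirus is Enabled and Up-to-date")
# Constructed sample; the "Out-of-date" wording is an assumption.
CONSTRUCTED = ("Windows Defender is Enabled and Up-to-date\n"
               "ESET Endpoint Antivirus is Disabled and Out-of-date\n"
               "Avast Free Antivirus is Enabled and Up-to-date")

if __name__ == "__main__":
    for sample in (FROM_THREAD, CONSTRUCTED):
        print(evaluate(sample, "ESET") or "OK")
```

With one monitor per site, `expected_av` is the only value that changes between sites, and a disabled Defender alongside a healthy site AV no longer raises an alert.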
