AntiVirus Protection

This template allows you to monitor the status of popular AntiVirus products installed on the target machine.


Prerequisites: WinRM must be installed and properly configured on the target server, and WMI access to the target server is required.

Credentials: Administrator on target server.

Note: This template can monitor the following AntiVirus products and versions:
-- AVG 2012-2015
-- Avira 10-14
-- ESET NOD32 4-8
-- Kaspersky Endpoint Security 8,10
-- Kaspersky Small Office Security 13
-- Kaspersky Antivirus 9,12-15
-- Kaspersky Internet Security 9,12-15
-- McAfee AntiVirus Plus 2012-2014
-- McAfee Endpoint Security Platform 10
-- Microsoft Security Essentials
-- Microsoft Forefront Security Client
-- Symantec Small Business Endpoint Protection 12
-- Symantec Endpoint Protection 11-12
-- Total Defence Internet Security Suite 2012
-- Total Defence Anti-Virus 2012
-- Trend Micro OfficeScan 11
-- Trend Micro Worry-Free Business Security 7-9
-- Vipre AntiVirus 2015
-- Vipre Business Agent 7
-- Webroot SecureAnywhere Endpoint Protection 7
-- F-Secure AntiVirus 14
-- F-Secure Internet Security 14
-- Microsoft Windows Defender


Component Monitors

AntiVirus Protection

     This monitor determines which AntiVirus product is installed on the target machine. If the correct product is found, a script returns the following information:

     Product – This component determines whether the correct product is found (1) or not (0). When the product is found, the script returns the AntiVirus name and version in the message field.

     Updates – This component returns the number of days that have passed since antivirus definitions have been updated.

     Protection – This component determines whether AntiVirus protection is enabled (1) or not (0).


Configuring Windows Remote Management (WinRM)

  1. If you have not already done so, install PowerShell 2.0 and WinRM on the SAM and target servers. PowerShell 2.0 can be found here: http://support.microsoft.com/kb/968930.
  2. On the SAM server, open a command prompt as an administrator. To do this, perform the following step:
  • Go to the Start menu, right-click cmd.exe, and then select Run as Administrator.
  3. Enter the following in the command prompt:
           winrm quickconfig
           winrm set winrm/config/client @{TrustedHosts="*"}
  4. On the target server, open a command prompt as an Administrator and enter the following:
           winrm quickconfig
           winrm set winrm/config/client @{TrustedHosts="IP_ADDRESS"}

where IP_ADDRESS is the IP address of your SAM server.
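
Step 3 sets TrustedHosts to "*" on the SAM server, which allows its WinRM client to authenticate to any host without verifying the host's identity. The following PowerShell script is an added example, not part of the original template page: it reads the current TrustedHosts value, replaces wildcard entries with an explicit list of monitored nodes, and confirms that each node still answers over WinRM. The node addresses are constructed placeholders and the function names are hypothetical.

```powershell
# Added example: scope WinRM TrustedHosts on the SAM server to the monitored nodes.
# Run in an elevated PowerShell session on the SAM server.
# Constructed placeholder addresses; replace with the nodes this template polls.
$MonitoredNodes = @('192.0.2.10', '192.0.2.11')

function Get-TrustedHostList {
    # TrustedHosts is stored as a single comma-separated string; empty means no entries.
    $raw = (Get-Item WSMan:\localhost\Client\TrustedHosts).Value
    if ([string]::IsNullOrEmpty($raw)) { return @() }
    return @($raw -split ',' | ForEach-Object { $_.Trim() } | Where-Object { $_ })
}

function Test-TrustedHostsTooBroad {
    param([string[]]$Entries)
    # An entry containing "*" matches hosts beyond the ones named explicitly.
    return [bool](@($Entries | Where-Object { $_.Contains('*') }).Count)
}

$current = @(Get-TrustedHostList)
Write-Output ("Current TrustedHosts: " + ($current -join ', '))

if (Test-TrustedHostsTooBroad -Entries $current) {
    Write-Output "Wildcard entry found; replacing it with the explicit node list."
}

# Keep existing explicit entries, drop wildcard entries, add the monitored nodes.
$explicit = @($current | Where-Object { -not $_.Contains('*') })
$merged   = @(($explicit + $MonitoredNodes) | Select-Object -Unique)
Set-Item WSMan:\localhost\Client\TrustedHosts -Value ($merged -join ',') -Force

Write-Output ("New TrustedHosts: " + (@(Get-TrustedHostList) -join ', '))

# Confirm that each monitored node still responds to a WS-Management identify request.
foreach ($node in $MonitoredNodes) {
    try {
        Test-WSMan -ComputerName $node -ErrorAction Stop | Out-Null
        Write-Output "$node : WinRM reachable"
    } catch {
        Write-Output "$node : WinRM not reachable ($($_.Exception.Message))"
    }
}
```

Nodes added to SAM later must also be added to `$MonitoredNodes`, or the WinRM client on the SAM server will refuse to connect to them by IP address.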



Last updated 2/26/2015

  • Hi guys,


    Could anyone tell me how I can create a report on this?  For example; I just want to create a table report which has three columns; "Node Name", "Antivirus Version" and "Days Since Last Update".  However, I can't figure out where the output results of this script are stored in order for me to create a report.

    I know if I go into the Component view from a node I can see the details;

    SWSAM.png

    But when I choose to create report, custom table, I genuinely don't know where to find "Product Message" or "Updates Message".  I feel like I'm missing something obvious so any help or pointers would be greatly appreciated!

    I have not modified the script, perhaps it's a case of outputting the values to node.customproperties table entries?

    Cheers,


    Scott