Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 2 replies
  • Subscribers 1 subscriber
  • Views 4464 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Feature Requests (finding workstations, virus/spyware event view, report features)

John_Lewis

Using Enterprise Console 4.7.0.13

Finding workstations to review:

1) A search box to search for a particular workstation, or string of workstation names using wildcards

2) A search box to search for users, that lists workstations used by the user

Event views

1) A view for Virus/Spyware events that provides as much rich detail as the other event view tools (Data Control Events etc.) - I need to quickly get a list of virus events that includes the workstation, user,  time, virus/spyware, file name, source path and action history.

Reports

1) The ability to get the same info in the view tools, but in scheduled reports.  I get great data in the Data Control Events tool, but can't I schedule it (it includes filename, type, Source Path and destination).  I get none of this in the report secion.  WHY?

:14385


This thread was automatically locked due to age.
Parents
  • 0

    Hi,

    I created this little Computer Search tool for SEC, It essentialy automates the GUI.

    #include <GUIConstantsEx.au3>
#include <WindowsConstants.au3>
 
Dim $msg
Dim $TextBox1
Dim $Button1
Dim $Button2
 
Opt('MustDeclareVars', 1)
 
GUICreate("SEC Computer Finder", 228, 47, -1, -1, "", BitOR($WS_EX_TOPMOST, $WS_EX_TOOLWINDOW, $WS_EX_CLIENTEDGE))
GUISetState(@SW_SHOW)
 
$TextBox1 = GUICtrlCreateInput("", -1, -1, 160, 24)
$Button1  = GUICtrlCreateButton("&Find", 159, -1)
$Button2  = GUICtrlCreateButton("E&xit", 192, -1)
 
While 1
	$msg = GUIGetMsg()
	Select
        Case $msg = $Button2
            ExitLoop
		Case $msg = $GUI_EVENT_CLOSE
			ExitLoop
		Case $msg = $Button1
			SendToSEC()
		Case $msg = $TextBox1
			SendToSEC()
	EndSelect
WEnd
 
GUIDelete()

;Functions
Func SendToSEC()
	
	Local $strComputerToSearch
	
	$strComputerToSearch = GUICtrlRead($TextBox1)
			
    WinActivate("Sophos Enterprise Console")
    ControlClick("Sophos Enterprise Console", "", "[CLASS:SysHeader32; INSTANCE:1]", "left", 1, 6, 8)

	AutoItSetOption("SendKeyDelay", 120)
	Send($strComputerToSearch)
	Sleep(2000) 
	
EndFunc

     If you save the above as ComputerSearch.au3 for example.  Download and install AutoIt (http://www.autoitscript.com/site/autoit/ ) you can convert it into a exe.

    As for reporting, you could install the Sophos Reporting Interface:

    /search?q= 8285
    I've added a HTA to that post to give a few sample queries.  It would be nice if it was all in SEC natively but for anything like this I tend to run scripted reports direct from the database.

    Hope these give you something to try in the meantime.

    Regards,

    Jak

    :14391
Reply
  • 0

    Hi,

    I created this little Computer Search tool for SEC, It essentialy automates the GUI.

    #include <GUIConstantsEx.au3>
#include <WindowsConstants.au3>
 
Dim $msg
Dim $TextBox1
Dim $Button1
Dim $Button2
 
Opt('MustDeclareVars', 1)
 
GUICreate("SEC Computer Finder", 228, 47, -1, -1, "", BitOR($WS_EX_TOPMOST, $WS_EX_TOOLWINDOW, $WS_EX_CLIENTEDGE))
GUISetState(@SW_SHOW)
 
$TextBox1 = GUICtrlCreateInput("", -1, -1, 160, 24)
$Button1  = GUICtrlCreateButton("&Find", 159, -1)
$Button2  = GUICtrlCreateButton("E&xit", 192, -1)
 
While 1
	$msg = GUIGetMsg()
	Select
        Case $msg = $Button2
            ExitLoop
		Case $msg = $GUI_EVENT_CLOSE
			ExitLoop
		Case $msg = $Button1
			SendToSEC()
		Case $msg = $TextBox1
			SendToSEC()
	EndSelect
WEnd
 
GUIDelete()

;Functions
Func SendToSEC()
	
	Local $strComputerToSearch
	
	$strComputerToSearch = GUICtrlRead($TextBox1)
			
    WinActivate("Sophos Enterprise Console")
    ControlClick("Sophos Enterprise Console", "", "[CLASS:SysHeader32; INSTANCE:1]", "left", 1, 6, 8)

	AutoItSetOption("SendKeyDelay", 120)
	Send($strComputerToSearch)
	Sleep(2000) 
	
EndFunc

     If you save the above as ComputerSearch.au3 for example.  Download and install AutoIt (http://www.autoitscript.com/site/autoit/ ) you can convert it into a exe.

    As for reporting, you could install the Sophos Reporting Interface:

    /search?q= 8285
    I've added a HTA to that post to give a few sample queries.  It would be nice if it was all in SEC natively but for anything like this I tend to run scripted reports direct from the database.

    Hope these give you something to try in the meantime.

    Regards,

    Jak

    :14391
Children
No Data