scv logging

Mark_Edwards · ‎2020-08-20

Hi,

Recently implemented SCV to check if VPN user's computers are domain joined.

This is working and non-compliant users get the warning message.

At the moment it is set to Allow and log.

The SCV Registry Monitor policy definition is also configured to log (send_log =alert).

The issue is I can't find where this is logged on SmartConsole (R80.30)

I know that the non-compliance is only logged once but I should still be able to see it.

It could be that I'm just filtering/querying the wrong thing.

In Endpoint compliance I don't see anything either.

Any suggestions?

Thanks

PhoneBoy · ‎2020-08-20

SCV is a little different than Endpoint Compliance though it serves the same function.
I would expect the logs to appear as part of VPN/Remote Access and not necessarily Endpoint.

Xavier_FIQUET · ‎2020-09-10

add the same issues there . if user has already authenticated months ago, you must look for the first time event since it will never be logged again ... we are thinking on asking for a RFE to get each time the scv logs whatever the results.

Yashwanth_Katu1 · ‎2021-01-11

We have configured SCV recently and we are facing the same issue. our smart console is on R80.30. FYI: we are seeing the logs on the "Endpoint Compliance blade"

Also, we are seeing user as default in the MLM for non-compliant users. Any way we can resolve this issue?

any suggestions?

archie · ‎2022-11-11

Same behavior for me. Any suggestions?

Are you a member of CheckMates?

scv logging