Monitor PSB

Piers

We have been using a Monitoring System (CentraStage) for all our managed desktops and servers. One of the things it does is generates a ticket if a desktop has an AV problem e.g. is out of date, not installed, disabled etc. this all happens via agent which uses the Windows Security Centre that’s great for desktops but WSC does not exist on Server’s.

 

Now you can write your own Monitors and there are loads in the community for most AV but not F-Secure. We obvious use the PSB portal but ideally we would also like it in our monitoring system which is much more proactive.

 

So how can I get the status of a Servers F-Secure:

• It is installed (OK I can manage that one)
• It is Active
• Up to date

In a custom monitor we can use: DOS cmd, Vbscript, Javascript, powershell,  python and maybe a couple of others. So that mean I access to webservices, registry, wmi, files system etc etc.

 

What can I check for / against to give me the info above, and if there are multiple what is the most robust.

 

Regards

 

Piers

Piers

 

Hi Ben,

 

In the Post it uses "POLUTIL.EXE g 1.3.6.1.4.1.2213.12.2.140" to get the Status.

 

1.3.6.1.4.1.2213.12.2.140 is a OID which is a SNMP Object ID that hold a value (or String etc). Normally retrieved with a SNMP monitor tool. To use a Monitoring tool you normally give it the IP address, port (if nonstandard), and a Community String (a Passphase if you like). It seem that POLUTIL is just retiving the OID from the local machine. Which Potentially could be done very natively with a monitoring system but you would need the the Community (and port if Custom)

 

Piers