Jump to content


Photo

Log Settings


  • Please log in to reply
7 replies to this topic

#1 Lon

Lon

    Newbie

  • Members
  • Pip
  • 3 posts

Posted 12 March 2012 - 07:00 AM

Hello,

I am trying out Immunet 3.0 AV and for compliance reasons I need to be able to store logs for at least 6 months. I downloaded the free version and could not find any settings for log location, rotation, and retention. Can anyone give me a rundown on how logs are handled in Immunet AV?

Thanks,

Lon

#2 ritchie58

ritchie58

    Staff Member

  • Moderators
  • 1,833 posts
  • LocationOil City, Pa. U.S.A.

Posted 12 March 2012 - 12:52 PM

Hello Lon, open the GUI, click on History. A File History window will appear. On the top of this window click on View By: All File Events. This will show you all the activity that Immunet has encountered within the past week. These logs are stored at C:\ Program Files\Immunet\history - which is a .DB file. You will not be able to directly access this file while Immunet is running however. I hope this is what you were looking for. As far as changing the length of time the History is stored I have no knowledge on that or even if it's possible. If it is possible perhaps an Administrator or fellow staff member can provide that information for you. Regards, Ritchie...

* Immunet Global Forum Moderator *


#3 Lon

Lon

    Newbie

  • Members
  • Pip
  • 3 posts

Posted 12 March 2012 - 04:44 PM

Thanks for the information, Ritchie. If anyone knows how to specify the retention time for event history please let me know. I'm also curious if you can export history to a easily usable format.

#4 ritchie58

ritchie58

    Staff Member

  • Moderators
  • 1,833 posts
  • LocationOil City, Pa. U.S.A.

Posted 12 March 2012 - 06:27 PM

Microsoft's Access or Excel software might work at converting the DB file into a readable format. If that doesn't work there is a paid software that I know of called Paradox Converter that can convert DB files. You could make a copy of the DB file and then convert the copy. It's rather expensive though. About 30 bucks. There's also is a demo version to this software with very limited functionality unfortunately.

* Immunet Global Forum Moderator *


#5 Lon

Lon

    Newbie

  • Members
  • Pip
  • 3 posts

Posted 13 March 2012 - 12:13 AM

Thanks again, Ritchie. I will review...

#6 hnayyar

hnayyar

    Immunet Staff

  • Administrators
  • 2 posts

Posted 15 March 2012 - 01:14 AM

Hi Lon,

The consumer version of Immunet is not meant to be compliant for enterprises. If you are an enterprise user, I would recommend that you check out our fireAMP offering:

http://www.sourcefir...tection/fireamp

The fireAMP product which is geared to satisfy business compliance needs, has a lot more functionality compared to the endpoint consumer versions.

Hope this helps

#7 RobT

RobT

    Advanced Member

  • Administrators
  • 237 posts

Posted 26 March 2012 - 10:29 PM

And FYI, the quarantined file retention time on the Consumer version (Immunet) is 1 month. In the enterprise version (fireAMP) it's configurable and I don't think there is a limit on it.

#8 ritchie58

ritchie58

    Staff Member

  • Moderators
  • 1,833 posts
  • LocationOil City, Pa. U.S.A.

Posted 27 March 2012 - 06:49 AM

That's interesting to know RobT. That brings a question to mind however. If something is quarantined what happens to that file after one month? Is it automatically deleted then, since that would give you plenty of time to determine if it's malware or a FP being the thinking there? That would be my assumption or am I wrong on that?

* Immunet Global Forum Moderator *





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users