Check virus definition update from SCOM

I do not know if anyone has come across this problem, but I have an environment with several antivirus products in place. Is there any way to alert when the definition times out?


We are using Symantec Endpoint Protection (SEP) mainly.

I don’t think there is currently a vendor or community MP available for SEP. If you are only looking to monitor a specific facet of SEP (such as the definition being stale), and you know of a Windows event that’s written when this is the case, you could create a rule to capture and alert on that fairly easily using the SCOM console’s Authoring tab. Likewise, if you know of a cmdline or API you can query to test this, you could write a VBScript/PowerShell monitor in the SCOM console to test this.

Your first port of call though is going to be to locate a Symantec subject matter expert (if you aren’t one yourself) to figure out how you can tell programmatically that the definitions are out of date - after that the SCOM piece is the easy part! :)
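
One way to write the script monitor suggested in the post above, as an added example that is not code from the thread or from Symantec. The registry path, value name, date format and three-day threshold are placeholders and assumptions; the real source of the definition date has to come from your Symantec subject matter expert.

```powershell
# Added example: SCOM script-monitor probe for stale AV definitions.
# PLACEHOLDERS: registry path, value name and date format are NOT real SEP
# locations; confirm the actual source with your Symantec SME.
param(
    [string]$RegPath    = 'HKLM:\SOFTWARE\PLACEHOLDER-Vendor\PLACEHOLDER-Product',
    [string]$ValueName  = 'PLACEHOLDER-DefinitionDate',
    [string]$DateFormat = 'yyyy-MM-dd',
    [int]$MaxAgeDays    = 3
)

function Get-DefinitionState {
    param([string]$Raw, [string]$Format, [int]$MaxAge, [datetime]$Now)
    # Missing or unparsable data is reported as Unknown, never as healthy.
    if ([string]::IsNullOrWhiteSpace($Raw)) {
        return @{ State = 'Unknown'; AgeDays = -1; Detail = 'No definition date found' }
    }
    $parsed = [datetime]::MinValue
    $ok = [datetime]::TryParseExact($Raw, $Format,
        [cultureinfo]::InvariantCulture,
        [System.Globalization.DateTimeStyles]::None, [ref]$parsed)
    if (-not $ok) {
        return @{ State = 'Unknown'; AgeDays = -1; Detail = "Unparsable date '$Raw'" }
    }
    $age = [int][math]::Floor(($Now.Date - $parsed.Date).TotalDays)
    # A date in the future points at clock skew or tampering; do not trust it.
    if ($age -lt 0) {
        return @{ State = 'Unknown'; AgeDays = $age; Detail = 'Definition date is in the future' }
    }
    $state = if ($age -gt $MaxAge) { 'Stale' } else { 'Current' }
    return @{ State = $state; AgeDays = $age; Detail = "Definitions dated $Raw" }
}

$raw = $null
try {
    $raw = (Get-ItemProperty -Path $RegPath -Name $ValueName -ErrorAction Stop).$ValueName
} catch { }   # leave $raw empty so the probe reports Unknown

$result = Get-DefinitionState -Raw $raw -Format $DateFormat -MaxAge $MaxAgeDays -Now (Get-Date)

# MOM.ScriptAPI is the scripting COM object installed with the SCOM agent.
$api = New-Object -ComObject 'MOM.ScriptAPI'
$bag = $api.CreatePropertyBag()
foreach ($key in $result.Keys) { $bag.AddValue($key, $result[$key]) }
$bag   # the monitor's health expressions test Property[@Name='State']
```

Map `State` equal to `Stale` to the unhealthy condition, and decide explicitly whether `Unknown` should also alert, since an agent that cannot report its definition date is not known to be protected.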

Could you be more specific about the AV systems you are using?

Thank you, this is very helpful.

You should check this thread out: Integrating SEP with Microsoft SCOM. Once you can pull data in, the world is your oyster!