Column headers from the exported Computer Status log available from the Symantec Endpoint Protection Manager

search cancel

Column headers from the exported Computer Status log available from the Symantec Endpoint Protection Manager

book

Article ID: 152133

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

You want a description for each column header of the exported Computer Status logs

Resolution

Column Header	Meaning
Sequence No.	Sequence number associated with the virus definitons
Pattern Date	The date when this content update was released
Revision	The revision number for this content update
Version	The version number for this content update
Insert Date	The time when this pattern information was entered
Time Stamp	The time when this database record was entered or modified in the database, in milliseconds since 1970.
Client Type	Type of client
Operating System	The operating system name
Kernel	Linux Kernel Version (if client is SEP for Linux)
Client Version	Product build version
Policy Version	Client Policy Version
Policy Serial	Policy Serial Number assigned by the manager
Policy Checksum	Policy Checksum
IPS Serial NO	The current CIDS version on the agent
IDS Checksum	The current CIDS checksum on the agent
HI Status	The Host integrity status. Status values: Disabled Fail Ignore Success Pending No check performed
Hl Reason	The Host Integrity reasons. Status values: Pass Antivirus version is out-of-date Antivirus is not running Script failed Check is incomplete Check is disabled Location changed
HI Description	The Host Integrity description
Creation Time	The create time of the agent.
Status	The online state of the agent. Status values: Disabled (offline) Enabled (online)
Last time status changed	This is the time when the agent did a successful heartbeat communication/connection with the SEPM.
Site Name	The last SEPM site the client connected to.
Attribute Extension	Not used.
Full Name	The employee's full name.
Email	The employee's email address.
Job Title	The employee's job title
Department	The employee's department
Employee Number	The employee's number
Employment Status	The employee's status
Office Phone	The employee's office number
Mobile Phone	The employee's mobile number
Home Phone	The employee's home phone number
Auto-Protect ON	Auto-Protect status. Status values: Enabled Not installed Disabled by Policy Disabled Component is Malfunctioning Client not reporting status Status unknown
Infected	Whether the client computer is infected. Status values: Yes No
Worst Detection	The highest severity level of any detection found on the endpoint. Status values: (Severity 0) Viral (Severity 1) Non-Viral malicious (Severity 2) Malicious (Severity 3) Antivirus - Heuristic (Severity 4) Other (Severity 5) Hack tool (Severity 6) Spyware (Severity 7) Trackware (Severity 8) Dialer (Severity 9) Remote access (Severity 10) Adware (Severity 11) Jokeware (Severity 12) Client compliancy (Severity 13) Generic load point (Severity 14) Proactive Threat Scan - Heuristic (Severity 15) Cookie (Severity 16) Downloads No detections
Last Scan Time	Last scan time for this agent (GMT)
Last Virus Time	Last time virus was detected on the client computer (GMT)
Accepts Content Update	Accepts content update Status values: Yes No
Antivirus engine On	Antivirus Engine On states. Status values: Enabled Disabled
Download Insight On	Download Advisor operational state. Status values: Enabled Not installed Disabled by Policy Disabled Component is Malfunctioning Client not reporting status Status unknown
SONAR On	SONAR status. Status values: Enabled Not installed Disabled by Policy Disabled Component is Malfunctioning Client not reporting status Status unknown
Generic Exploit Mitigation On (SEP 14 only)	GEM status. Status values: Enabled Not installed Disabled by Policy Disabled Component is Malfunctioning Client not reporting status Status unknown
Tamper Protection On	Tamper Protection status. Status values: Enabled Not installed Disabled by Policy Disabled Component is Malfunctioning Client not reporting status
Intrusion Prevention On	Network Intrusion Prevention status. Status values: Enabled Not installed Disabled by Policy Disabled Component is Malfunctioning Client not reporting status Status unknown
IE Browser Protection On	Internet Explorer browser protection status. Status values: Enabled Not installed Disabled by Policy Disabled Component is Malfunctioning Client not reporting status Status unknown
Firefox Browser Protection On	FireFox browser protection status. Status values: Enabled Not installed Disabled by Policy Disabled Component is Malfunctioning Client not reporting status Status unknown
Early Launch Antimalware On	ELAM status. Status values: Enabled Not installed Disabled by Policy Disabled Component is Malfunctioning ELAM not reporting status
Major Version	The major build version is 12 or 14. This example shows the underlined number as the major version. 14.0.2415.0200.
Minor Version	The minor version is the release update number. This example shows the underlined number as the minor version. 14.0.2415.0200.
Restart Required	Whether a reboot is required for the system. Status values: No Yes
Restart Reason	Reboot Reasons. Status values: Risk remediation to complete Product patch to apply Content download to apply Task to complete from install Request from administrator to restart Component configuration error to fix Driver configuration change to apply
Computer Name	Computer name
Computer Domain Name	Name of Active Directory Domain or Workgroup
Current login domain	If the current logged in user is a local user account, then localcomputer will be shown for the current domain. If the current logged in user is a domain user account, the real domain name will be shown for the current login domain. Typically the current login domain is same as the computer domain name.
Last download time	Last download time (Last Download Time is the last time the SEP client downloaded content from a LiveUpdate server. It is NOT the last time the client downloaded content from the SEPM.)
Number Of Processors	Number of processors
Operating System Language	Operating system language ID, for example, English = 0x09
Total disk space	Total disk space in MB
Total memory	Physical memory in MB
Computer description	Computer description
Service pack	Operating System Service pack
Processor Type	Processor type
Processor Clock	Processor clock
BIOS version	BIOS version
TPM device installed	TPM Device status. Status values: None IBM Device HP Device Unknown TPM device detected
IP Address1	Nic 1
IP Address2	Nic 2
IP Address3	Nic 3
IP Address4	Nic 4
Gateway1	Nic Gateway 1
Gateway2	Nic Gateway 2
Gateway3	Nic Gateway 3
Gateway4	Nic Gateway 4
MAC Address1	MAC Address
MAC Address2	MAC Address
MAC Address3	MAC Address
MAC Address4	MAC Address
DNS server 1	DNS server
DNS server 2	DNS server
WINS server 1	WINS server
WINS server 2	WINS server
DHCP server	DHCP server
Hardware Key	Hash of computer hardware information.
Free memory	Physical memory not in use.
Free disk space	Disk space not in use.
Time zone offset	Local time zone offset in minutes compared to GMT time zone
Network Host Exploit Mitigation On	Network Host Exploit Mitigation status. Status values: Enabled Not installed Disabled by Policy Disabled Component is Malfunctioning Client not reporting status Status unknown
Server Name	Name of the SEPM Server to which this client is connected.
Group Name	Current Group Name used by the client.
Domain Name	Name of the SEPM Domain the client is registered to.
Current User	Current Logged in User name.
IPS Version	Intrusion Prevention defintions currently used by the endpoint.
Deployment Status	Deployment status. This status is sent by the client to represent the current deployment state. It can be generated by the client itself or by the installer. Status values: No Status Reported. Symantec Endpoint Protection Manager indicated an upgrade package for the client The client is ready to accept the upgrade package The client decided to reject the upgrade package The client has requested package information for the upgrade The client has received package information for the upgrade The client hasn't allowed the download of the upgrade package to start The client has successfully downloaded and verified the upgrade package The client failed to apply the upgrade package The client failed to patch the delta The client failed to launch the upgrade installer The client successfully launched the final upgrade installer The client is requesting the full version of the upgrade package due to the delta's failure Install successful. Install repair successful. Uninstall successful. Install failed, rolled back. Install failed, insufficient disk space. Install failed, launch condition. Install failed, consumer product found. Restart pending Files copied. Install failed, legacy enterprise edition found. Install failed, non-elevated privileges. Install failed, incompatible operating system. Install cancelled by user, rolled back. Cannot deploy. Client version is the same or later than the specified package.
UUID
Endpoint Detection and Response Status (SEP 14 only)	EDR Server connection status. Status values: Disabled Disconnected Connected Not authenticated No status reported
ATP Server	ATP Server connection status. Status values: Connected Not Connected Unavailable
Hardware Serial Number	Serial number associated with the motherboard or virtual machine host the computer uses.
WSS Traffic Redirection Status	Status of the Integration policy applied to the computer. Status values: Disabled by Policy Enabled Not installed
WSS Integration Token Version	Each time the Integration token in the Integrations policy has been updated.

Feedback

thumb_up Yes

thumb_down No