Endpoint Security - Logging
jis157 last edited by
Verbose logging on Endpoint Security would be extremely useful for troubleshooting. Currently all you can see is that a role mapping has failed, but it won’t tell you if it is due to not finding a service pack, or executable, or predifined AV product, etc. Unless you create a seperate entry for each which is an administrative nightmare, you have very little insight as to why a client failed to meet your endpoint security policy.
Additionally, if you have, for example, various McAfee products being checked for in a particular rule, I would like to be able to know which specific product of those was found on the client that allowed it to meet the criteria. This information can become useful as time goes on, if you want to phase out a particular version from the check and want to know if and how many users may still be using it.