Announcement

Collapse
No announcement yet.

Script to retrieve Comodo Client Security logs from endpoints

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Script to retrieve Comodo Client Security logs from endpoints

    Hello Scriptwriting team,
    thank you again for the script that you created previously, it works well.

    If not already available (support stated that there was not one available) can you write a script that will retrieve the Comodo Client Security Event logs from an endpoint.
    The logs I am referring to are the Event logs that can be Exported as .htm files.
    These logs are useful when finding the Parent-child calling process details of files that are being blocked by HIPS, Firewall or Containment rules, for example.
    The HIPS events are not uploaded to the Itarian MSP portal.
    We know it is possible to remotely connect to the client device, start the Comodo Client Security application and retrieve these logs but this involves disruption to the user.
    It would be great if we could retrieve these logs, without disruption to the user.
    Also it would be good to have an option to clear the logs, so that when they are next retrieved the only events in the logs are recent events. This is handy when diagnosing an issue.

    Could a comma-separated list of the parameter(s) be passed that would specify, which log(s) to retrieve, for example, HIPS, Firewall would retrieve the HIPS events and the Firewall events?
    I could suggest some other parameters the could be useful.
    ALL - would get all logs.
    CLEANUP - would have the same action as the Cleanup Logfile action that is available in the Comodo Client Security app. If this option appears as the first action, then clear the logs and allow a second (Numeric character ) that specifies a delay in seconds before the specified logs are retrieved. If this parameter appears last in the list of options then get the specified logs and then clear them.


    Regards Ian



  • #2
    Hi Ian Clarke,

    Thanks for your script request. We have asked our script developers to analyze your request and provide input.

    Kind Regards,
    PremJK

    Comment


    • #3
      Hi PremJK,
      I hope you are well. How do I find out if the Devteam did anything regarding my request for a script to retrieve the Comodo Client Security Events logs from and endpoint without interrupting the end user?
      Regards Ian

      Comment


      • #4
        Hi Ian Clarke,

        Sorry for the delayed response. Our script developers are working on the solution to retrieve logs from the database. We will share the script here once ready.
        Thanks for understanding.

        Kind Regards,
        PremJK

        Comment


        • #5
          Hi PremJK, thank you for the good news, Regards Ian

          Comment


          • #6
            Hello PremKKumar, can I ask again if the script developers have made any progress with a script to retrieve the Client Event Logs from a device? My original spec was complicated with options. I would be happy at this stage to just have a script that retrieved all event logs. Options to select specific logs, and to clear the logs could come later. Regards Ian

            Comment


            • #7
              Hi Ian Clarke,

              Sorry, we are trying but unfortunately, we are not able to find a method to get logs through the script. Please give us a little more time.

              Kind Regards,
              PremJK

              Comment


              • #8
                Hi PremJK, thanks for the update.

                Comment

                Working...
                X