Add unrecognized file notice

yu.jasper · May 10, 2018, 1:01am

Hi Sir,

how can we add notification to admin of system found unrecognized file?

Jasper

Rick_C · May 10, 2018, 1:59am

Hi @yu.jasper
We moved your post here in the Automation Scripts sub-forum to inquire from the script developers if this is possible through some sort of custom monitoring script. Let us wait for their response and act accordingly afterwards.

sathish · May 10, 2018, 4:08am

Hi @yu.jasper

We will analyze and update you shortly.

RT-AMS-ITarian · May 10, 2018, 6:55pm

Why should this be a script adding more and more load to the clients computers???
Why can this not be a simple monitor we can apply to the portal, and when the file is detected and reported as normal it alerts us?

I only ask as we are finding to monitor and do our job the client needs a minimum of I7 8GB SSD just to use MS Word.

Rick_C · May 11, 2018, 1:23am

Hi @StrobeTech
We consulted with the script developers first to check if this doable (within reason) within the existing ITSM build. If not then we will proceed with a feature request to add such functionality.

Meena · May 15, 2018, 7:25am

Hi @yu.jasper @Rick_C @StrobeTech

Please refer the script to get an alert for the unrecognized files added in containment or application control.

https://scripts.comodo.com/frontend/web/topic/alert-when-unrecognized-file-generated-in-containment-or-application-control

Let us know your feedback

Thank you

RT-AMS-ITarian · May 15, 2018, 7:35am

Interesting script…
But what are the required parameters for this to be run?

Every 1 min???

This is something that all the scripts in the library need to have added to them, as if you run too many scripts too often you will cripple a device and not help your clients.
Can we have these details for this script and then look at updating the entire library to have the details listed on each script as this will help dramatically.

Thanks
Robin

mkannan · May 16, 2018, 10:14am

Hi @StrobeTech

Glad to meet you. We really appreciate your feedback and clarifications.

In this custom monitoring script, you could configure monitoring period as required for you since the script will alert you to the details covering events that had happened in the last monitoring period. For best practices, you could configure this monitoring to run at every hour.

We are not suggesting monitoring period while delivering custom scripts unless required, leaving it to be configured by requesters. We will start updating monitors with details suggesting monitoring periods for best practices.

Looking forward to hear from you

Best regards,
Kannan

RT-AMS-ITarian · May 16, 2018, 1:02pm

Hi @mkannan

thank you for coming back to me on this, and I’m glad to hear we are going to see best practices coming soon.

Thanks
Robin