Better/ detailed EM warnings. Untraceable warnings.

Hi,
Any news regarding the Android remote app?

-App for Android/IOS to remote into devices
→ I can say for Android 2021 First quarter, IOS 2022 First quarter.

On the roadmap it still says: Q1, Q2.

Regards.

Yet another example of a warning that can’t be found anywhere:
A client gets the following warning every morning and now asks me what to do:

I want to check and ‘whitelist’ it from the console but the entry can’t be found anywhere in any log under ‘Security Sub-systems’.

Are there any improvements regarding logging and traceability?


Is turning off the notifications to the end device possible??

Maybe, but then no one will ever know if such a warning appears, because the user can’t see it, and I can’t see it either because it won’t show up in the logs…
The only thing the client will notice is something that’s not working correctly.
I don’t think this is something you want to see for a central managed protection system.

I set mine up to not show end user, but to create a ticket and alert me.

That’s also an option.
But the bottom line is that the warnings do not show up in the logs.
In your situation, you do get an alert ticket, but can’t find the entry in the logs to whitelist.

Hmm, that’s odd, as mine always show up in the infected or quarantined section, and stay quarantined until I remove them?? I will look at mine more when I get a chance, but I have always been able to see the specific file, and location of the file it sees as malice??

Yes, that’s what I mean: in your example you can see the warning in the log.
But not all warnings are showing up in the logs.
The warnings I mentioned didn’t show up anywhere! In any log. I checked every log.
So you can’t take any actions.

Not all the warnings that the users see are showing up in the different logs.
That’s something that needs improvement.

Could you please post a picture of where you are looking?? That appears to be running it in containment, so what posted a picture of what for the AV side. That should show up on the containment side. at least it does in mine.

Hi @Boss,

Thank you for your suggestions and screenshots.

In this case the user got a warning from the containment module.

So I think this entry should be found in the ‘Security Dashboards’ and if not, then in the ‘Containment’ logs.
Note: the user got this message on 31-08-2021, and it’s referring to ‘ImController.Infinstaller.exe’.

Looking in ‘Security Dashboard’ I have roughly 120 entries from different devices in total, but none referring to this file or program.
But I do see 2 entries regarding this device:

Nothing to be found about the named file.

And if I look in ‘Containment’ log:

This is everything I have in the Containment log. On the 31-08 I see 3 entries but also, nothing regarding this file.

So, this warning cannot be found (easily) and I can’t whitelist or investigate the file.

This is not the only time I have seen this. If you look at the first post in this topic, you will see I have some similar problems.

And from what I got as a response earlier, I see that it’s a known problem:
Hello,

Thank you for contacting ITarian Support Team.

We thank you for providing details about your query. Our product management team is aware of your request and is working to prioritize it with the others received. We will provide you an email notification for any updates regarding this request and its timeline once it is prioritized on the road-map for a delivery.

Regards,
Colin
ITarian Support

Hope you see my point that, for a managed security platform, this has to be better and easier to follow and should be one of the basic functions that should work.


Yes sir, I see the point, I was just trying to help, and see if I might have a heads up, if it happens to me.

No problem. Thank you @BOSS for trying to help. Hope that the ITarian helpdesk can also take a look at this.

Yes sir, good luck!!

ITarian support??