Simplest "Universal Report" would help: Data Dumps of Endpoints, Threats

  • 23 July 2020

The fancy reporting templates look really wonderful.

However, a much simpler “report” would support using data management tools to gain additional valuable insight.

As an experienced SW architect and data guy, I am guessing the overhead for this “report” is so low, we could obtain much more than just 30 days of data using it (as long as not used too often.)

What I seek: a VERY simple pair of Data Dump files. CSV is BETTER than XLSX for this purpose. (Text files can be easily concatenated 🙂 )

Drawing on the “Standard” template...

  1. Endpoint details. This contains all of the fields in the Endpoints tab, including prior endpoints seen. Essentially, I want a dump file showing the current and historical endpoint record. (the ConsoleEndpoints tab in some reports?)
    1. Ideally for ALL sites on an account! (just have a Site column)
    2. Ideally over a full year or more.
  2. Threat details. The contents of all the fields in the Threats tab
    1. Again, all sites, over a long period of time

THAT IS ALL.

Having a file per site, and/or multiple files over time in the same folder, just makes life complicated.

WHY DO THIS

Using various software such as the R Language, it is easy to slurp up a large pile of data, and examine it in various ways.

Some things that could easily be discerned:

  • Which Sites, OS platforms, etc get a lot of reinstalls?
  • Same for threats?
  • What proportion of infections are seen at install time vs later?
  • Which Sites and/or OS cost us more at install time, for mitigating threats?
  • Which Sites, OS, etc have slow scan times?
  • etc etc etc

In case it isn’t obvious to the casual observer: it is more or less impossible to get this basic “raw” information today. Even with Universal Reporter.

