I am new to this group, so please tell me where the most appropriate place this question should be placed.
I have a bunch of developers who do stuff that once in a while Business Endpoint Protection complains.
From what I can ascertain, in the policies I enable the policy “Allow SecureAnywhere to be shutdown manually”. From what I can see this is the only way to allow developers access to the HOSTS file for example.
I need to be able to monitor the Manual Shutdown of and startup. I see that the Windows Application Event Log Security Center application creates events and records “Updated Webroot SecureAnywhere status successfully to SECURITY_PRODUCT_STATE_OFF.” and “Updated Windows Defender status successfully to SECURITY_PRODUCT_STATE_ON.”
Is there a way from within the Webroot Business Console to get this information for an endpoint?
Or is the only way to do this is to create a central event log manager?
Best answer by coscooperView original