Adyb Posted September 3, 2012 Report post Posted September 3, 2012 I'm having trouble getting SCCM 2012 to accurately report on System Center Endpoint Protection 2012 clients: The Endpoint Protection Status page reports a machine that hasn't been switched on for three days as having "Current" definitions. Is this a bug in the Dashboard - or is the dashboard saying that the machine was current the last time it reported? Why do the Endpoint Protection Reports ask me for Start and End dates? I want to set the Dashboard report up to report "the last 24 hours" and emailing to me as a subscription every morning. Is this possible? And one other thing - how do I remove superceded definitions from the Source folder? Can this process be automated? I'm eventually going to run out of disk space. Thanks in advance... Quote Share this post Link to post Share on other sites More sharing options...
anyweb Posted September 4, 2012 Report post Posted September 4, 2012 can you show me a screenshot of the status you are referring to exactly you are prompted for start and end dates in order to create a reporting time scale, if you want daily reports emailed to you in reports then first you'll have to enable email ability within Reporting (SQL Server 2008R2 Reporting Services configuration Manager/E-mail Settings) and then click on create subscription and follow the wizard, does that help ? also have you looked at configuring email alerts for endpoint protection as described here ? cheers niall Quote Share this post Link to post Share on other sites More sharing options...
Adyb Posted September 10, 2012 Report post Posted September 10, 2012 Niall, Here is the current Endpoint Protection Status report (I'm still testing so only 8 of my 134 clients are being managed by SCCM so far). Note that it says Current: 8 (6.0%). This is a lie - if I click on that link and drill down into the data I get: Note the update times and definition of the first two computers. They are 3 days out of date, yet the Status report shows them as current... On the other issue, I have reporting and subscription emailing working. The problem is that the Subscription Wizard takes the Start Date and End Date as literal dates. So every time the report runs I get exactly the same historical data. For example, suppose I want to get the "Endpoint Protection Dashboard" report emailed to me every Monday, showing me what "happened" last week. I create a subscription, and enter 3rd September as a Start Date, and 9th September as an end-date and I tell it to run 9am every Monday morning. Today at 9am I will get a report for what happened between 3rd September and 9th September. So far so good. Next Monday (17th) at 9am I still get a report showing what happened between 3rd September and 9th September. On Monday 24th at 9am I get the same report yet again telling me what happened between 3rd September and 9th September. Even on Monday 31st December at 9am I'll still get the same report telling me what happened between 3rd September and 9th September. Not very useful! Quote Share this post Link to post Share on other sites More sharing options...
Tay Posted September 10, 2012 Report post Posted September 10, 2012 I have the same issue with reporting. I have to change the dates each week to get accurate data. I hope that function is available but I have searched all over and can't find any info. Why would microsoft miss such a critical function for reporting. Quote Share this post Link to post Share on other sites More sharing options...
