The six built-in SCEP reports can be broken up into two categories: user-centric reports and system-centric reports . This recipe focuses on the group of system-based reports.We will be executing and interrupting the computer malware details, anti-malware activity report, and infected computers. Although these reports can be accessed either through the SCCM console or with a web browser, for this recipe, we will access them from the SCCM console.
In order to complete this recipe, you'll need to utilize an account that has at least the Endpoint Protection Manager roles assigned to it. If your installation of SCEP is in a lab, or is very new and has not yet detected any malware on your systems, then it's recommended that you utilize Eicar test file to simulate a malware detection. Eicar test file is a completely safe file that all major anti-malware vendors add to their definitions for testing purposes. It can be downloaded from http://www.eicar.org/ . Please remember to allow up to five minutes, after the time you trigger the Eicar detection, to start executing reports.
Follow these steps:
MonitoringOverviewReportingReportsEndpoint Protection
and select the Antimalware Activity Report.One of the biggest improvements in SCEP over FEP is the consolidation of databases. FEP stored data in two different DBs that were separated from the core SCCM DB and SCEP, whereas, SCCM 2012 shares the same database. This means you no longer have to wait for data to be moved from one database to another before a malware event is reflected in your reports. In FEP, it could take up to 45 minutes for a malware event to be reflected in a report. With SCEP, the malware event should be reflected in a report almost instantly once the message is received by the SCCM server (usually within five minutes).
The system-centric group of SCEP reports allows you to quickly look at incidents on multiple PCs, or drill-down to the Computer Malware Details report to review the status of a single PC. The Computer Malware Details report shows all relevant SCEP client details, such as engine and definition versions, in addition to a history of malware events.
Exporting the Computer Malware Details as a PDF will allow you to quickly share information with other users even if they do not have access to the SCCM console or the SQL Reporting Services for your SCCM server.