How does Security Manager determine that the Symantec Antivirus DAT file is too old? (NETIQKB15241)

  • 7715241
  • 02-Feb-2007
  • 05-Sep-2007

Resolution

goal
How does Security Manager determine that the Symantec Antivirus DAT file is too old?

goal
Which script checks whether the Symantec Antivirus DAT file requires an update?

fact
Security Manager 5.X

fact
Security Manager 3.50

fact
Security Manager 4.00

fix
There is a script named NetIQ :: SymantecGetDateOfCurrentDATfile which, by default, is run by a rule every day at 2:20 am. This script retrieves the date of the DAT file from the following registry key:
\HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\SharedDefs\NAVCORP_70.
By default, this script is configured to create an event (id 257) if the age of the DAT file is greater than ten days. Once this script-generated event is detected, there is another rule that generates a 'Warning' alert .

Additional Information

Formerly known as NETIQKB15241

Feedback service temporarily unavailable. For content questions or problems, please contact Support.