How to use Endpoint Policy Manager Cloud Event Collector to report on events and generate policies from them
By following this guide, you will be able to generate reports for interesting events from the Endpoint Policy Manager event logs, and generate policies as needed.
Getting Started
In order to receive Endpoint Policy Manager reports for events via Endpoint Policy Manager Cloud Event Collector, you need to:
- Submit a support ticket to activate the Cloud Event Log Collector
  - Trialers/Customers will only have a one-day event collection offered at no cost
  - Paid options – Release Date & Pricing TBD
    - 7 Day, 14 Day, or 30 Day intervals
- Select the Company Groups you want to collect event logs from
- Select the Endpoint Policy Manager Events you want to capture
The steps are as follows:
Step 1 – Select the company group whose computers you want to pull events from.
Step 2 – Navigate to Company Group and click Edit Group.
Step 3 – Select the time setting for Event Collector Refresh interval for computers.
Step 4 – Select the Event IDs you want to collect.
Step 5 – You can select the drop-down option to select the Event IDs. See the List of Endpoint Policy Manager Event Categories and IDs topic for additional information on the event categories and IDs.
Step 6 – Go to the Reports tab to see the events that have been generated.
Step 7 – Create policies through the events that are being generated.
Step 8 – You can edit the policy name and the policy conditions if needed.