Announcement: New Knowledge Base

4 June 2020: We are pleased to announce the launch of a new Knowledge Base, Changelogs for Business Security Products, where you can find more details, such as bugfixes or new features, about the most recent releases of our business-related products.

Alert forwarding in F-Secure Client Security

Hello,

 

I'm trying to configure the Alert Forwarding for my client to forward all the logs to the Event Viewer, but I saw, in my PM,  that this setting applies only to version 13.X and earlier.
In the F-Secure Linux Security web ui, I know that it's possible to configurate Alert Forwarding, but in the F-Secure Client Security (Windows) isn't possible.

 

Do you know how can I configurate it ? in configuration files or in the registry for example ?

 

Thanks in advance !

Timothée

hduret

Comments

  • ravi12ravi12 Posts: 57

    Hi

    can you tell which version of Client Security you are using.

     

    In CS14.02 all setting to be done in standard view only and you can select event viewer in alert sending tab in standard view only. You can configure which type of alerts you want to send in event viewer such as security, error etc.

    etomcat
  • timotheetimothee Posts: 4

    Hi,

    Thank you for your answer.

     

    I'm using fscs-14.01 generated by a fspm-14.01.
    As you said, I tested with fscs-14.02, but it's the same result.

    I checked all alerts types in the table but they arn't forward to the event viewer on the client.

    As you can see on the picture, it is for "13.X hosts only" so whether it is for fscs-14.01 or fscs-14.02 I think it's the same problem.

     

    May be there is a way to configurate that directly on the client ?

     

    Capture.PNG

     

     

     

     

     

     

     

     

     

     

     

     

     

     

     

     

     

     

     

     

    Thanks

    Timothée

  • MJ-perCompMJ-perComp Posts: 1,098
    in V14 environments e-mail alerting is ONLY done by PMS. You can select to forward alerts from servers or from servers and hosts.
  • etomcatetomcat Posts: 1,316

    Dear Matthias,

     

    > You can select to forward alerts from servers or from servers and hosts.

     

    I think the phraseology chosen by F-Secure Corp. isn't very clear here. By "servers" do they mean "computers with server OS" or Policy Manager Servers? By saying "hosts" do they actually mean "endpoints"?

     

    (I feel the newly revamped Standard View in Policy Manager may be cuter, but the Advanced View with its collapsible hierarchies and rigidly formatted tables was a more logical system.)

     

    Best Regards: Tamas Feher, Hungary.

  • MJ-perCompMJ-perComp Posts: 1,098
    You are right,
    "Only Server alerts" is PMS only
    "Host and server alerts" is PMS and all managed systems.
    The severity can be chosen from the field below that.

    Alerts, severity and forwards can not be configured on a per host basis. This should be configured on the Mailer with filters.
    Laksh
  • Are you serious? This was not included in the release notes of Policy Manager / Client Security 14.

     

    How are we supposed to handle email alerts in a multi-tenant environment, where alerts from various Policy Domains should be directed to different contacts? Do we need to setup a third-party solution or create separate e-mail forwarding policies for every single client on some other platform?

     

    This seems like a major feature degradation that was not disclosed by F-Secure at all.

    Suchy
  • MJ-perCompMJ-perComp Posts: 1,098

    @Vad  please forward to product management ASAP.

    VadSuchy
This discussion has been closed.