# |
Test Name |
Result Details |
11 |
Test presence of CollPack |
Symantec_Endpoint-Protection_6.1r3-Pre1.spz.zip file not found |
12 |
Test presence of EULA in collpack |
|
21 |
Verify single default CONNECTION METHOD |
Found 1 nodes:
-- NODE --
SYSLOG |
22 |
Ensure all taxonomy is valid |
Line Server System Event,,,,,, in taxonomy.map had problems: | Wrong number of fields |
24 |
Verify DeviceName with RV31 |
|
28 |
Verify Collector Pack UUID Conflict |
Symantec_Endpoint-Protection,53D90A20-3EE3-102C
- is unique and does not have any node-level conflicts with other
collector packs |
29 |
Verify Collector Pack Controls |
Control 'Global Setup' is not found in package.xml
Control 'Dashboard Status' is not found in package.xml
Control 'Implementation Audit Trail' is not found in package.xml
Control 'Event Trends' not found in package.xml
Control 'Collector Management' is not found in package.xml |
31 |
All events should have DeviceEventTime, DeviceEventTimeString, EventName, Message, Severity |
6 events matched test criteria:<br/>All events passed. |
32 |
All events should have an Observer IP or hostname |
6 events matched test criteria:<br/>All events passed. |
33 |
All events should report the Collector name and UUID |
6 events matched test criteria:<br/>All events passed. |
401 |
Account events (create, delete, modify, enable, disable, change password) should have InitUserName |
0 events matched test criteria:<br/> |
402 |
Account events (create, delete, modify, enable, disable, change password) should have TargetUserName |
0 events matched test criteria:<br/> |
403 |
All account queries should have TargetUserName |
0 events matched test criteria:<br/> |
404 |
User Login events should have TargetUserName |
0 events matched test criteria:<br/> |
405 |
User Logout should have InitUserName |
0 events matched test criteria:<br/> |
411 |
Trust events (create, delete, modify) should have InitUserName |
0 events matched test criteria:<br/> |
412 |
Trust events (create, delete, modify) should have TargetTrustName |
0 events matched test criteria:<br/> |
413 |
Trust events (query) should have TargetTrustName |
0 events matched test criteria:<br/> |
414 |
Trust events (associate, deassociate) should have InitUserName |
0 events matched test criteria:<br/> |
415 |
Trust events (associate, deassociate) should have TargetTrustName and TargetUserName |
0 events matched test criteria:<br/> |
416 |
Resource access to trust (grant, revoke) should have InitUserName |
0 events matched test criteria:<br/> |
417 |
Resource access to trust (grant, revoke) should have TargetTrustName and TargetDataName |
0 events matched test criteria:<br/> |
418 |
Resource access to user (grant, revoke) should have InitUserName |
0 events matched test criteria:<br/> |
419 |
Resource access to user (grant, revoke) should have TargetUserName and TargetDataName |
0 events matched test criteria:<br/> |
421 |
DataItem events (create, delete, modify) should have InitUserName |
0 events matched test criteria:<br/> |
422 |
DataItem events (create, delete, modify) should have TargetDataName |
0 events matched test criteria:<br/> |
423 |
DataItem events (open, close, modify, query) should have InitUserName |
0 events matched test criteria:<br/> |
424 |
DataItem events (open, close, modify, query) should have TargetDataName |
0 events matched test criteria:<br/> |
425 |
DataItem query attributes event should have TargetDataName |
0 events matched test criteria:<br/> |
431 |
Session Modification events should have InitUserName |
0 events matched test criteria:<br/> |
441 |
System events (start, shutdown) should have InitUserName |
0 events matched test criteria:<br/> |
442 |
System events (start, shutdown) should have TargetHostName or TargetIP |
0 events matched test criteria:<br/> |
443 |
Service events (install, remove, enable, disable, invoke, terminate, config, modify) should have InitUserName |
0 events matched test criteria:<br/> |
444 |
Service events (install, remove, enable, disable, invoke, terminate, config, modify) should have TargetServiceName |
0 events matched test criteria:<br/> |
445 |
Service events (config, query) should have TargetServiceName |
0 events matched test criteria:<br/> |
451 |
Resource events (backup) should have InitUserName |
0 events matched test criteria:<br/> |
452 |
Resource events (backup) should have TargetDataName |
0 events matched test criteria:<br/> |
453 |
Resource events (corrupt, exhaust) should have TargetDataName |
0 events matched test criteria:<br/> |
461 |
All WorkFlow events should have TargetDataName and TargetDataContainer |
0 events matched test criteria:<br/> |
471 |
Malware infected events should have TargetDataName |
0 events matched test criteria:<br/> |
472 |
Malware infected events should have TargetHostName or TargetIP |
0 events matched test criteria:<br/> |