Statistics |
On the tab, you can configure statistics information that will be written to the log file, to the Server database, and further can be viewed in the statistic section of the Control Center. To add corresponding type of information to the DB, set the following flags: •—logs stations Quarantine state. •—enables monitoring of hardware and software composition and storing the information in the database. •—enables monitoring of the list of the station modules and storing the information in the database. •—enables monitoring of the list of the installed components (Scanner, monitors, etc) and storing the information in the database. •—enables monitoring of user sessions and storing in the database the logins of users which are loged in the system with installed Agent. •—enables monitoring of the information on the start and stop of the components (Scanner, monitors, etc) and storing the information in the database at stations. •—enables monitoring of infections detecting and storing the information in the database. If the flag is set, you can also configure additional parameters of statistic on infections. ▫Set the flag to enable the mode of administrator notification on virus epidemic cases. If the flag is cleared, notifications on virus infection are performed in the standard mode. If the flag is set, you can configure the following parameters of virus epidemic tracking: ▪—time period in seconds after sending the notification about epidemic, during which single notifications about infected stations will not be sent. ▪—time period in seconds, during which specified number of messages on infected stations must be received, to send the corresponding notification about epidemic. ▪—the number of messages on infections that must be received in specified time period, so that Dr.Web Server may send to the administrator a single notification on epidemic on all cases of infection (the notification). ▪—number of the most frequently occurring threats which must be included in the epidemic report. ▫Set the flag to send a single summary report on multiple events of Preventive protection. If the flag is cleared, the Preventive protection events are sent in separate notifications, not depending on their number. If the flag is set, you can configure the following parameters of summary reports: ▪—time period in seconds after sending a summary report on Preventive protection events, during which notifications about single events will not be sent. ▪—time period in seconds, during which specified number of Preventive protection events must be occurred to send a summary report. ▪—the number of the Preventive protection events that must be received in specified time period, so that Dr.Web Server may send to the administrator a single summary report on these events (the notification). ▪—number of the most frequently occurring processes that have performed a suspicious action, which must be included in the Preventive protection report. ▫Set the flag, to activate sending statistics on detected stations security threats to the Doctor Web company. The following fields will become available: ▪—an interval in minutes for sending statistics; ▪—an MD5 key (located in the Server configuration file); for sending statistics is the only obligatory field. •—enables monitoring of abnormally terminated connections with clients and be able to send corresponding notifications to the administrator. Specify the following settings of abnormally terminated connections: ▫—time period in seconds after sending the notification on multiple connections termination, during which notifications about single terminated connections will not be sent. ▫—time period in seconds, during which specified number of connections with clients must be terminated, to send the corresponding notification. ▫—minimum number of connections with a single address that must be terminated during the counting period, to send the notification about single abnormally terminated connection (the notification). ▫—minimum number of connections that must be terminated during the counting period, to send the common notification about multiple abnormally terminated connections (the notification). ▫—if duration of terminated connection with a client is less than specified value, then specified number of connections is reached, notification about single terminated connections will be sent not depending on the counting period. At this, the connection must not be terminated further by the longer connections, and the notification about multiple abnormally terminated connections must not be sent (the notification). •—enables monitoring of scan errors occurring and storing the information in the database. •—enables monitoring of the statistics of scanning and storing the information in the database. •—logs the information about Agent installations at the stations. •—enables monitoring of information on devices blocked by the Office Control component and storing the information in the database. •—enables monitoring of processes activity at stations detected by Application Control and write the information to the database. •—enables monitoring the blocking of the processes at stations by Application Control and write the information to the database. •—allows to track multiple blockings of processes by Application Control and be able to send corresponding notifications to the administrator. Specify the following events settings: ▫—time period in seconds after sending a summary report on processes blocked by Application Control, during which notifications about single blokings will not be sent. ▫—time period in seconds, during which specified number of processes must be blocked to send a summary report. ▫—the number of events on processes blocked by Application Control that must be received in specified time period, so that Dr.Web Server may send to the administrator a single summary report on these events ( notification). ▫—number of the most common profiles according to which the block was made, and which must be included in the notification on multiple blockings. •—log results of tasks execution on workstations and store the log in the DB. •—log status changes for workstations and store the log in the DB. ▫—log changes in virus databases status and contents on workstations and store the logs in the DB. The flag is available only if the flag is set. •—get information on stations location and store the information in the database. To view statistics information 1.Select the item of the main menu. 2.Select a station or a group in the hierarchical list. 3.Open the corresponding section of the control menu (see the table below).
The table below describes correspondence between flags in the tab of the Server settings and items of the control menu on the page. If you clear flags on the tab, corresponding items of the control menu become hidden. Correspondence between flags of Statistics data section and items of the control menu
|