here is the situation,
Managing SEP for huge company in North America. When a virus is detected I would like to have the Symantec endpoint protection send a specially formated email to our ticketing system so the infections can be investigated.
I have figured out how to take the information passed by Symantec and parse it so that I can send the email that I like. (you can do this because Symantec passes a variable that contains all the info that appears in the ticket to the bat file that you select)
The issue I am having is that the notification uses the term User and then about 50 percent of the time says that the user is System. However if you look in the SEPM console it knows the logon username.
This creates an issue for our ticket system and means that someone has to search out the username for each of these machine to assign the ticket to the correct Branch office.
My Question is this: What is the variable User? I can't find a field called "User" when I search through the clients. I would prefer that the email supplied the login username but that data does not seem to be pulled for these notifications. Is there anyway to get this data?
My Suggestion for future versions would be the following:
Allow SEPM admins to format their own emails with a supplied list of variables. Most modern IT ticket systems can enter tickets based on specifically formatted emails and Symantec should provide a way to send these emails from within the console