New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Failure to detect software as Antivirus. #565
Comments
this means this AV is not supported by GLPI-Agent. If you want this support, can you provide what can be done on the system to recover its status ? version, database version, if it is enabled or if it up-to-date and so. Also on which operating system does this AV run ? |
Hi @g-bougard, The antivirus version is 8.1.2.47081. The antivirus is enabled and up to date. The antivirus is running on systems 'Microsoft Windows 10 Pro', 'Microsoft Windows 10 Enterprise', and 'Microsoft Windows 11 Pro'. Thanks ! |
okay thank you. Can it be downloaded publicly and installed as trial version ? If yes, can you provide a link to the official download site ? |
Hello @danielbarciela as far as I can see, there's no public release of Cortex XDR agent. I only see we can request a demo. But this is definitively not a process which match my need to just find how to inventory this AV agent. So I won't be able to test a support by myself. Anyway, in the doc link you pointed out, it seems we can use the Then if yes, we can try to find the required information. First, can you report the output of So, if I read well the documentation, can you share the output of the following commands, run from an administrative console and from the
The last 5 ones may not be required if the xdr agent register itself to windows as an AV agent and windows reports it is enabled. This is the purpose of the |
Hello, I apologize for the delay; I haven't been able to gather the requested information earlier. Indeed, the 'cytool' command is installed in the path 'C:\Program Files\Palo Alto Networks\Traps'. The output of glpi-inventory --partial=antivirus:
If I run the 'glpi -inventory' command, I obtain that the cortex classifies it as software.
|
Is there any news on this topic? Do you know when it will be included in a new version? |
I'll try to update AV support to include this detection. But it seems it doesn't register itself as AV on the system, that's still weird. Anyway thank you for the output sharing. I'll tell you if I need other information. |
can you share the output of the following command run from an administrative console where Cortex is installed ?
I need these output to verify how to include support for this AV. |
It has been detected that the GLPI agent's software inventory does not correctly recognize the antivirus categorization for some assets. For instance, Cortex XDR™ Advanced Endpoint Protection does recognize it as an antivirus; however, Cortex XDR 8.1.2.47081 does not. Both have the same version and the same manufacturer.
The text was updated successfully, but these errors were encountered: