Jump to content

LeeWei

Staff
  • Content Count

    21
  • Joined

  • Last visited

About LeeWei

  • Rank
    Staff

Contact Methods

  • Website URL
    https://www.malwarebytes.com

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. @RickyF, there is a change in the API causing the error which I have fixed in version 2.3.1. Sorry about that. Lee Wei
  2. @amartilianom, the log files are located here: C:\Users\[user_name]\AppData\Local\Temp\Malwarebytes Excel Addin adregistrator.log is the log file generated during installation. adxloader.log is the log file generated when the Addin is being loaded in Excel You can send to me via private message, and we will look for errors. If think you have already done this, in Excel Menu --> File --> Options screen below, make sure that the Excel Addin is not in the Inactive or Disable lists. Lastly, I have message you with my contact info to help.
  3. @wpclau looks like a bug in the code. I determine the available properties (columns) from the first record. So if the first row does not have a "status.last_scanned_at" property, it will miss it. Normally the API returns a NULL value for the property, but in this case, the first row is not returning anything for "last_scanned_at". You can see the data returned by click on "Show API details" button. For a workaround, the list is returned sorted by ascending computer name. So if it is possible to ensure the first row has a value, that will make it work.
  4. @wpclau, this should have already been available under importing of Endpoint Data per the screen shot below. Let me know if you are referring to something different.
  5. @RickyF, search for the machine name in the "Endpoint Computers" button, NOT "Detection and Threats".
  6. A few people have asked for the Excel Addin to support Excel 2010. I have just added that in the new version v2.3.
  7. @RickyF if you want just the detection data for one endpoint, you can do the following. - In the "Endpoint Computers" export button, use the search field to find your endpoint. - Following that, any data extracted from the "Detections and Threats" button will be filter for this endpoint only. This way, any charts and summary will also be for this endpoint.
  8. @RickyF, hah, I have not targeted (designed...) the reports to highlight one single endpoint, they are most meant for a group of computers. This is why we see Top 10 categories etc. I think the report will be very different, and you can provide all the details of the endpoint including OS details, network, software installed, Windows updates. Basically everything that is available when drilling into a single endpoint. Past that, many have asked for the ability to schedule the reports for delivery. Yes both these will require some work, but I appreciate the feedback.
  9. @syarbrough, I forgot to follow-up with you. The new version 2.2 will now report threats and detections only for the endpoints (e.g. group) that you have selected. Thank you for the suggestion and input.
  10. If you use the Excel Addin, please consider upgrading to v2.0 that I have just published. https://support.malwarebytes.com/docs/DOC-2672 Other than bug fixes, I have incorporated a lot of features and requests from you guys. One main enhancement is the management of Endpoint Statuses now available in the Cloud console. You can see summary charts of endpoints with the different statuses like Scan Needed, Remediation Required, Reboot Required, etc. A summary report with these data points are included as the primary KPI. And lastly, there is a "Take Status Action" dialog to take the actions in bulk. Also added is a better way of handling and managing groups. You can filter endpoints by a group hierarchy. Per usual, I appreciate bug reports and enhancement requests.
  11. @syarbrough I understand and love the idea. I do lament that the detection data does not reconcile with endpoint selection. On my list of enhancements now, thank you!
  12. @Kalrand no the notifications for Detections Found does not include websites blocked. Good I hope to reduce noise.
  13. @makeitso and @Kalrand - you are referring to the dashboard top left most pane where it shows how many endpoints infected in the last 72 hours. This means that one or more threats (any types including malwares, PUPs, etc.) were detected on those endpoints in the last 3 days. Most of the time, they have been remediated automatically, so no actions are necessarily needed.
  14. @Kernel009 the error technically means that the Cloud server cannot service our API request. The API service returns errors in JSON. The HTTP/HTML error indicates that the API service is not reached. So it could be network, the API service, etc. Behind the scene, when we retrieve the "Agent Info", it does invoke as many APIs as you have endpoints identified. It is a looping call. Is it happening for the same computer name? Is this happening consistently, or sporadic? If this happens a lot, I can manage the error better to provide better experience.
  15. @Kalrand, thanks for the feedback. Yes all the datetimes are currently shown in UTC. I have already changed the default to show local time in the next version that I have yet to release (v2.0). It will show the datetimes in local timezone, but you can change to UTC if needed. Any other comments, bugs, or enhancements are welcome! Lee Wei
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.