Hi Fellow forumers,
I want to run a policy report that lists assets with anti-virus not updated within xx days. This is mainly on a Windows 10 Estate.
The AV application is SCEP, controlled by SCCM. There is a CID 9140 which checks if the AV is up to date for Windows 10 but doesn't allow the ability to state what "Up to date" actually means. Is it 1 hour? 1 Day? 1 Week?
Likewise, for Microsoft Endpoint Protection there is CID 10177 which checks for AV Definitions older than X Days but this is not available for Windows 10.
I'm looking to acheive the ability to have a policy running which will report "IF" a Windows 10 asset is out of date over a set number of days and then email our desktop team to investigate. Basically, this is a breach of our p;olicy if a user has not connected thier EUD to be updated within the company policy timescales.
Have I missed something or am I trying thisd the wrong way round? Opinions welcome.