Virus scan log, problem

Dear All,

I have a problem with virus scan query. So I would like to a list about the Critical device from the last 7 days.

The problem is that when I run the query, it listed all the machines with the “critical” status, even if the status of the machine has changed since then.
So, what I want to do, it has to list those things that have been critical in the last 7 days and these have not changed.
So the query should link each unique host to their states.

query now: CEF AND MessageTypeValue:“Device status is Critical.”

Have you got any idea?

Thanks,

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.