Forefront real-time scanning log?
-
Thursday, May 17, 2012 2:45 PMI am testing out Forefront 2010 and am looking to find the real-time scanning log. If Forefront gets hung up on a directory and the CPU is pegged, I could then easily identify which folder it's chugging away on, then exclude it. Any ideas? I checked the log in the Support folder but it obviously doesn't show every single file that it has scanned. Trend Officescan shows you the last file that it scanned and an overall # of files that have been scanned in real-time, this is extremely useful.
All Replies
-
Thursday, May 17, 2012 4:36 PM
Hi,
The only file I know is MPLog-XYZ.log (XYZ is the date) http://myitforum.com/myitforumwp/2011/11/01/fep-2010-where-can-i-find-the-scan-log-on-the-client-computer-2/ otherwise you can monitor MsMpEng.exe with process monitor http://technet.microsoft.com/en-us/sysinternals/bb896645.aspx
Bechir Gharbi | My blog: @myITforum.com | Twitter: @Bechir_Gharbi | Linkedin: Bechir Gharbi | Time zone: GMT + 1
- Edited by Bechir GharbiMVP Thursday, May 17, 2012 4:42 PM
- Proposed As Answer by Rick TanModerator Friday, May 18, 2012 5:21 AM
- Marked As Answer by Rick TanModerator Friday, May 25, 2012 6:21 AM
-
Thursday, May 17, 2012 9:09 PMNot a bad idea. I wrote a batch file that runs procmon with a config file that has a filter for files and only includes the process msmpeng.exe. Does anyone else have a better way to see what is being scanned in real-time?
.png)
