Home
  •  

擱置重新啟動

Microsoft.SCEP.Linux.PendingRestart.Monitor (UnitMonitor)

此監視器會偵測伺服器是否需要重新啟動 Linux 以完成惡意軟體清除或套用 SCEP 配置。

Knowledge Base article:

摘要

需要重新啟動以完成惡意軟體清除或套用 System Center Endpoint Protection 配置變更。請立即重新啟動電腦。

原因

需要重新啟動的原因通常是:

1. System Center Endpoint Protection 已成功封鎖此電腦上的惡意軟體。電腦已受到防護,但仍需要重新啟動以完成惡意軟體的移除。

2. 即時防護已啟用或停用。即時防護需要重新啟動電腦以完成系統整合。

解決方法

您可以 使用 Operations Manager 中的 內建工作重新啟動伺服器。

Element properties:

TargetMicrosoft.SCEP.Linux.ProtectedServer
Parent MonitorMicrosoft.SCEP.Linux.ProtectedServer.Agregate.Monitor
CategoryCustom
EnabledTrue
Alert GenerateTrue
Alert SeverityMatchMonitorHealth
Alert PriorityNormal
Alert Auto ResolveTrue
Monitor TypeMicrosoft.SCEP.Linux.PendingRestart.MonitorType
RemotableTrue
AccessibilityPublic
Alert Message
需要重新啟動
需要重新啟動 '{0}' 以完成惡意軟體清除或套用 SCEP 配置。
RunAsDefault

Source Code:

<UnitMonitor ID="Microsoft.SCEP.Linux.PendingRestart.Monitor" Accessibility="Public" Enabled="true" Target="SCEPLinuxLibrary!Microsoft.SCEP.Linux.ProtectedServer" ParentMonitorID="Microsoft.SCEP.Linux.ProtectedServer.Agregate.Monitor" Remotable="true" Priority="Normal" TypeID="SCEPLinuxLibrary!Microsoft.SCEP.Linux.PendingRestart.MonitorType" ConfirmDelivery="true">

  <Category>Custom</Category>

  <AlertSettings AlertMessage="Microsoft.SCEP.Linux.PendingRestart.Monitor_AlertMessageResourceID">

    <AlertOnState>Warning</AlertOnState>

    <AutoResolve>true</AutoResolve>

    <AlertPriority>Normal</AlertPriority>

    <AlertSeverity>MatchMonitorHealth</AlertSeverity>

    <AlertParameters>

      <AlertParameter1>$Target/Property[Type="SCEPLinuxLibrary!Microsoft.SCEP.Linux.ProtectedServer"]/ComputerId$</AlertParameter1>

    </AlertParameters>

  </AlertSettings>

  <OperationalStates>

    <OperationalState ID="UIGeneratedOpStateId453b4b508b3e4570b505317f5035c6db" MonitorTypeStateID="Yes" HealthState="Warning"/>

    <OperationalState ID="UIGeneratedOpStateId2297577704044c5386cd599e6bc0f4ec" MonitorTypeStateID="No" HealthState="Success"/>

  </OperationalStates>

  <Configuration>

    <Host>$Target/Host/Property[Type="Unix!Microsoft.Unix.Computer"]/NetworkName$</Host>

    <LogFile>/var/log/scep/eventlog_scom.dat</LogFile>

    <RegExpFilter>^event=pending_restart,.*$</RegExpFilter>

    <WildcardFalse>event=pending_restart, date=*, status=no;</WildcardFalse>

    <WildcardTrue>event=pending_restart, date=*, status=yes;</WildcardTrue>

    <OnDemandParameter>PendingRestart</OnDemandParameter>

  </Configuration>

</UnitMonitor>