Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

Using the OfficeScan ToolBox to generate ATTK logs from an OfficeScan agent

    • Updated:
    • 17 Oct 2016
    • Product/Version:
    • OfficeScan 10.6
    • OfficeScan 11.0
    • OfficeScan XG.All
    • Platform:
    • Windows 2003 Enterprise
    • Windows 2003 Enterprise 64-bit
    • Windows 2003 Standard
    • Windows 2003 Standard 64-bit
    • Windows 2008 Enterprise
    • Windows 2008 Standard
Summary

Learn how to utilize the OfficeScan Toolbox Plug-in to deploy and gather Anti-Threat Tool Kit (ATTK) logs from the OfficeScan server to an OfficeScan client or agent.

Details
Public

To deploy and generate ATTK logs from the OfficeScan server to an OfficeScan agent, you need to install the OfficeScan ToolBox Plug-in:

  1. Log on to the OfficeScan web console.
  2. Go to Plug-in Manager.
  3. Download and install the OfficeScan ToolBox Plug-in.
  4. After installing the plug-in, click Manage Program to access the OfficeScan ToolBox console.
  5. Select which OfficeScan agents to deploy the ATTK package, and then click the Synchronize with OfficeScan option and click Deploy.

    Tool Deployment

  6. On the Deployment Settings window, the ATTK toolkit is already selected by default. Click Deploy.

    Deployment Settings

  7. Close the confirmation window stating that the tool deployment is successful. The ATTK package will be deployed on the client/agent in a few minutes.

    Tool deployment successful.

  8. Select the Logs tab to verify that the ATTK deployment is being processed.

    Logs

    Once the deployment is finished, it will indicate on the Tool Deployment page that it is complete.

  9. When the Result column shows "Completed", download the log file and send it to Trend Micro Technical Support for analysis.

    Deployment Logs

  10. You may also go to the Feedback tab and send the Reference ID to Trend Micro Technical Support for analysis.

    Reference ID

ATTK will check intelligence information from Trend Micro. Check if your firewall ports 80 and 443 are open for *. trendmicro.com.

All network connectivity is based on HTTP/HTTPs. To be safe, *.trendmicro.com should be allowed.
If not, the following URLs should be allowed through the firewall:

 
The list below is accurate at the time of publishing, and may change in the future.
  • housecall800-en.fbs20.trendmicro.com
    • fbsv1.trendmicro.com
    • fbsv2.trendmicro.com
    • fbsv3.trendmicro.com
  • housecall8.icrc.trendmicro.com
  • attk-en.census.trendmicro.com
  • housecall71.nfc.trendmicro.com
Premium
Internal
Rating:
Category:
Configure
Solution Id:
1095269
Feedback
Did this article help you?

Thank you for your feedback!

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support


To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.


Need More Help?

Create a technical support case if you need further support.