About obtaining information on the messages

Symantec Enterprise Security Manager 9.0 lets you access detailed information about the messages that are reported during policy runs.

Table: Message information describes the information that you can access about messages.

Table: Message information

Information title	Description
Description	Describes the message and the security violation that caused the message to be reported The information outlines the relevant security concepts that are associated with the message, and gives the cause and the implications of the security violation.
Category	Shows the message category.
Controls	Provides the details about which checks reported the message.
Suppressing the message	Provides the message suppression information, including the procedure for suppressing the message in Symantec Enterprise Security Manager
Solutions	Provides the details on how to resolve the security violation This data includes information on the component of information security that relates to the check. The data also includes information on how to correct the security violation. The information may also provide URLS for downloading relevant patches.
CVE ID (Common Vulnerability Exposure)	Displays the Common Vulnerability Exposure ID for the security issue that is related to the message
Additional resources	Displays the locations where you can obtain additional information that are related to the security threat.
Affected products	Shows the software applications and the platforms that are affected by a reported vulnerability.
Vulnerabilities	Displays all vulnerabilities that are resolved by installing the patch or software that is associated with the vulnerability that caused the message to be reported.

The message category includes the following:

Change notification

This category contains the messages that report changes to snapshots on Symantec ESM agent computers; specifically, additions, modifications, and deletions.
ESM administrative information

This category contains the messages that inform the user of actions that Symantec Enterprise Security Manager took. For example, messages regarding the creation of a snapshot or checks that were not performed fall into this category. Unexpected actions can indicate security risks.
ESM error

This category contains the messages that inform users of Symantec Enterprise Security Manager policy configuration errors. The errors that the messages report can be corrected by adjusting Symantec Enterprise Security Manager policy configurations.
ICE

This category contains the messages that are derived from the Integrated Command Engine module. These messages are difficult to classify because the meaning of the messages can vary depending on the Integrated Command Engine scripts.
Patch assessment

This category contains the messages that report information on the state of operating system patches. These messages report the details whether a computer has all of the necessary patches.
Policy compliance

This category contains the messages that report whether a Symantec ESM agent host computer complies with a Symantec Enterprise Security Manager policy. The security levels that are associated with these messages rate the severity of the security risk to these computers.
System error

This category contains the messages that report errors on Symantec ESM agent host computers that prevent or invalidate a policy run. These can be regarded as audit errors.
System information
This category contains the messages that report the information that can be used to manually assess or audit a computer. These messages do not have a direct implication regarding the security state of the computer.

Icons that appear in the upper-right corner show how each security problem affects the confidentiality, integrity, and availability of your information.

To access information about messages

On the enterprise tree, expand the following:

Manager > Domain > Policy > Module > Message.
Click a policy run number.
In the message grid at the bottom of the screen, click a message line.

To print information about messages

Right-click in the pane of the ESM console.
Do one of the following:
- Click Open in default browser.
- Click Print.