Have you ever wondered where the logs for malware detection in ConfigMgr are? Look no further! – There are none.
We use Splunk for log analytics and I would love to see a better solution to get the information in there.
Today we use a custom SQL trigger: whenever there is a new entry in the malware table in SQL, it copies the entry to a temp table and triggers a PowerShell script, which collects the information, writes it to the EventLog and deletes the record after doing so. This is really not an optimal solution.
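The forwarding step of the workaround described above could look like the following. This is an added example, not the script used by the author: it assumes Windows PowerShell 5.1 with the SqlServer module, and the server, database, staging table `dbo.MalwareStaging`, its columns, the event source and the event ID are all hypothetical placeholders.

```powershell
# Added example: drain a staging table (filled by a SQL trigger) into the
# Application event log, where a Splunk forwarder can pick the events up.
# All names below are hypothetical placeholders, not ConfigMgr's own schema.
#Requires -Modules SqlServer

$SqlServer = 'SQLSERVER-PLACEHOLDER'
$Database  = 'STAGING-DB-PLACEHOLDER'
$Source    = 'CM-MalwareForwarder'   # assumed event source name
$EventId   = 5001                    # assumed event ID

# Register the event source once (requires elevation the first time).
if (-not [System.Diagnostics.EventLog]::SourceExists($Source)) {
    New-EventLog -LogName Application -Source $Source
}

$select = @'
SELECT Id, ComputerName, ThreatName, DetectionTime, FilePath
FROM dbo.MalwareStaging
ORDER BY Id
'@
$rows = Invoke-Sqlcmd -ServerInstance $SqlServer -Database $Database -Query $select

foreach ($row in $rows) {
    # key="value" pairs keep the message easy to parse on the Splunk side.
    $fields  = $row.ComputerName, $row.ThreatName, $row.DetectionTime, $row.FilePath
    $message = 'computer="{0}" threat="{1}" detected="{2:o}" path="{3}"' -f $fields

    try {
        Write-EventLog -LogName Application -Source $Source -EventId $EventId `
            -EntryType Warning -Message $message -ErrorAction Stop
    }
    catch {
        # Leave the row in staging so the detection is retried, not lost.
        Write-Warning "Row $($row.Id) not written, left in staging: $_"
        continue
    }

    # Delete only after the event was written successfully.
    # $(RowId) is a sqlcmd variable filled by -Variable, not PowerShell syntax.
    Invoke-Sqlcmd -ServerInstance $SqlServer -Database $Database `
        -Query 'DELETE FROM dbo.MalwareStaging WHERE Id = $(RowId)' `
        -Variable "RowId=$($row.Id)"
}
```

Deleting each row only after its event is written means a failed write leaves the detection in the staging table for the next run instead of dropping it.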
Please help by voting for my suggestion in the Configuration Manager UserVoice forum.