Being able to launch a SCEP task remotely is great, but any anti-virus administrator worth his or her salt needs to be at least a little bit paranoid. Therefore, this recipe will walk you through the process of using SCEP's reporting capabilities to verify that your commands have been executed successfully. Something as vital to network security as malware event remediation should never be a "fire and forget" scenario.
In this recipe, we will be verifying that definition update command has been completed by using SCCM 2012's reporting function. It is important to remember that although SCCM 2012 is designed to have faster reporting capabilities than previous versions, nothing in SCCM is instant. So, if you have just followed the preceding recipe to force an unscheduled definition update, wait a few minutes before running a report.