alexroz
-
Posts
14 -
Joined
-
Last visited
Posts posted by alexroz
-
-
-
Hi
Suddenly i can not log-in into my Remote Administrator Web Console that runs into VM based on CENTOS.
The server up and running.
I can open https://myeraserverip/era/webconsole/ page in the browser.
But when I enter the administrative password I receive:
Login failed: Connection has failed with state 'Not connected'
When I run
/opt/eset/RemoteAdministrator/Server/DiagnosticServer
with
4. ActionConfiguration. Get configuration.
I receive:
ERROR executing task ActionConfiguration, error: [unixODBC][Driver Manager]Can't open lib 'MySQL ODBC 5.3 Unicode Driver' : file not found (0)
In my /etc/odbcinst.ini I can see only "MySQL ODBC 8.0 Unicode Driver" but no "MySQL ODBC 5.3 Unicode Driver" as "/opt/eset/RemoteAdministrator/Server/DiagnosticServer" trying to apply
[root@era ~]# cat /etc/odbcinst.ini [PostgreSQL] Description=ODBC for PostgreSQL Driver=/usr/lib/psqlodbcw.so Setup=/usr/lib/libodbcpsqlS.so Driver64=/usr/lib64/psqlodbcw.so Setup64=/usr/lib64/libodbcpsqlS.so FileUsage=1 [MySQL ODBC 8.0 Unicode Driver] Driver=/usr/lib64/libmyodbc8w.so UsageCount=1 [MySQL ODBC 8.0 ANSI Driver] Driver=/usr/lib64/libmyodbc8a.so UsageCount=1
[root@era ~]# ldd -v /usr/lib64/libmyodbc8w.so linux-vdso.so.1 => (0x00007ffc5d828000) libodbcinst.so.2 => /usr/lib64/libodbcinst.so.2 (0x00007f412ac6c000) libpthread.so.0 => /usr/lib64/libpthread.so.0 (0x00007f412aa4f000) librt.so.1 => /usr/lib64/librt.so.1 (0x00007f412a847000) libssl.so.10 => /usr/lib64/libssl.so.10 (0x00007f412a5d5000) libcrypto.so.10 => /usr/lib64/libcrypto.so.10 (0x00007f412a174000) libdl.so.2 => /usr/lib64/libdl.so.2 (0x00007f4129f6f000) libm.so.6 => /usr/lib64/libm.so.6 (0x00007f4129c6d000) libstdc++.so.6 => /usr/lib64/libstdc++.so.6 (0x00007f4129965000) libgcc_s.so.1 => /usr/lib64/libgcc_s.so.1 (0x00007f412974e000) libc.so.6 => /usr/lib64/libc.so.6 (0x00007f412938b000) /lib64/ld-linux-x86-64.so.2 (0x000055e80c50a000) libltdl.so.7 => /usr/lib64/libltdl.so.7 (0x00007f4129181000) libgssapi_krb5.so.2 => /usr/lib64/libgssapi_krb5.so.2 (0x00007f4128f33000) libkrb5.so.3 => /usr/lib64/libkrb5.so.3 (0x00007f4128c4b000) libcom_err.so.2 => /usr/lib64/libcom_err.so.2 (0x00007f4128a47000) libk5crypto.so.3 => /usr/lib64/libk5crypto.so.3 (0x00007f4128813000) libz.so.1 => /usr/lib64/libz.so.1 (0x00007f41285fd000) libkrb5support.so.0 => /usr/lib64/libkrb5support.so.0 (0x00007f41283ee000) libkeyutils.so.1 => /usr/lib64/libkeyutils.so.1 (0x00007f41281ea000) libresolv.so.2 => /usr/lib64/libresolv.so.2 (0x00007f4127fd0000) libselinux.so.1 => /usr/lib64/libselinux.so.1 (0x00007f4127da8000) libpcre.so.1 => /usr/lib64/libpcre.so.1 (0x00007f4127b46000) Version information: /usr/lib64/libmyodbc8w.so: libgcc_s.so.1 (GCC_3.0) => /usr/lib64/libgcc_s.so.1 ld-linux-x86-64.so.2 (GLIBC_2.3) => /lib64/ld-linux-x86-64.so.2 libdl.so.2 (GLIBC_2.2.5) => /usr/lib64/libdl.so.2 libstdc++.so.6 (GLIBCXX_3.4.18) => /usr/lib64/libstdc++.so.6 libstdc++.so.6 (GLIBCXX_3.4.11) => /usr/lib64/libstdc++.so.6 libstdc++.so.6 (CXXABI_1.3) => /usr/lib64/libstdc++.so.6 libstdc++.so.6 (CXXABI_1.3.5) => /usr/lib64/libstdc++.so.6 libstdc++.so.6 (GLIBCXX_3.4) => /usr/lib64/libstdc++.so.6 libpthread.so.0 (GLIBC_2.2.5) => /usr/lib64/libpthread.so.0 libcrypto.so.10 (libcrypto.so.10) => /usr/lib64/libcrypto.so.10 libssl.so.10 (libssl.so.10) => /usr/lib64/libssl.so.10 libc.so.6 (GLIBC_2.14) => /usr/lib64/libc.so.6 libc.so.6 (GLIBC_2.3) => /usr/lib64/libc.so.6 libc.so.6 (GLIBC_2.2.5) => /usr/lib64/libc.so.6 libc.so.6 (GLIBC_2.4) => /usr/lib64/libc.so.6 libc.so.6 (GLIBC_2.3.4) => /usr/lib64/libc.so.6 /usr/lib64/libodbcinst.so.2: libpthread.so.0 (GLIBC_2.2.5) => /usr/lib64/libpthread.so.0 libc.so.6 (GLIBC_2.14) => /usr/lib64/libc.so.6 libc.so.6 (GLIBC_2.3.4) => /usr/lib64/libc.so.6 libc.so.6 (GLIBC_2.4) => /usr/lib64/libc.so.6 libc.so.6 (GLIBC_2.2.5) => /usr/lib64/libc.so.6 libc.so.6 (GLIBC_2.3) => /usr/lib64/libc.so.6 /usr/lib64/libpthread.so.0: ld-linux-x86-64.so.2 (GLIBC_2.2.5) => /lib64/ld-linux-x86-64.so.2 ld-linux-x86-64.so.2 (GLIBC_2.3) => /lib64/ld-linux-x86-64.so.2 ld-linux-x86-64.so.2 (GLIBC_PRIVATE) => /lib64/ld-linux-x86-64.so.2 libc.so.6 (GLIBC_2.14) => /usr/lib64/libc.so.6 libc.so.6 (GLIBC_2.3.2) => /usr/lib64/libc.so.6 libc.so.6 (GLIBC_PRIVATE) => /usr/lib64/libc.so.6 libc.so.6 (GLIBC_2.2.5) => /usr/lib64/libc.so.6 /usr/lib64/librt.so.1: libpthread.so.0 (GLIBC_2.3.2) => /usr/lib64/libpthread.so.0 libpthread.so.0 (GLIBC_PRIVATE) => /usr/lib64/libpthread.so.0 libpthread.so.0 (GLIBC_2.2.5) => /usr/lib64/libpthread.so.0 libc.so.6 (GLIBC_2.14) => /usr/lib64/libc.so.6 libc.so.6 (GLIBC_2.3.2) => /usr/lib64/libc.so.6 libc.so.6 (GLIBC_PRIVATE) => /usr/lib64/libc.so.6 libc.so.6 (GLIBC_2.2.5) => /usr/lib64/libc.so.6 /usr/lib64/libssl.so.10: libk5crypto.so.3 (k5crypto_3_MIT) => /usr/lib64/libk5crypto.so.3 libc.so.6 (GLIBC_2.14) => /usr/lib64/libc.so.6 libc.so.6 (GLIBC_2.4) => /usr/lib64/libc.so.6 libc.so.6 (GLIBC_2.17) => /usr/lib64/libc.so.6 libc.so.6 (GLIBC_2.3.4) => /usr/lib64/libc.so.6 libc.so.6 (GLIBC_2.2.5) => /usr/lib64/libc.so.6 libkrb5.so.3 (krb5_3_MIT) => /usr/lib64/libkrb5.so.3 libcrypto.so.10 (OPENSSL_1.0.1_EC) => /usr/lib64/libcrypto.so.10 libcrypto.so.10 (libcrypto.so.10) => /usr/lib64/libcrypto.so.10 /usr/lib64/libcrypto.so.10: libdl.so.2 (GLIBC_2.2.5) => /usr/lib64/libdl.so.2 libc.so.6 (GLIBC_2.3) => /usr/lib64/libc.so.6 libc.so.6 (GLIBC_2.7) => /usr/lib64/libc.so.6 libc.so.6 (GLIBC_2.14) => /usr/lib64/libc.so.6 libc.so.6 (GLIBC_2.4) => /usr/lib64/libc.so.6 libc.so.6 (GLIBC_2.17) => /usr/lib64/libc.so.6 libc.so.6 (GLIBC_2.2.5) => /usr/lib64/libc.so.6 libc.so.6 (GLIBC_2.3.4) => /usr/lib64/libc.so.6 /usr/lib64/libdl.so.2: ld-linux-x86-64.so.2 (GLIBC_PRIVATE) => /lib64/ld-linux-x86-64.so.2 libc.so.6 (GLIBC_PRIVATE) => /usr/lib64/libc.so.6 libc.so.6 (GLIBC_2.2.5) => /usr/lib64/libc.so.6 /usr/lib64/libm.so.6: ld-linux-x86-64.so.2 (GLIBC_PRIVATE) => /lib64/ld-linux-x86-64.so.2 libc.so.6 (GLIBC_2.2.5) => /usr/lib64/libc.so.6 libc.so.6 (GLIBC_PRIVATE) => /usr/lib64/libc.so.6 /usr/lib64/libstdc++.so.6: ld-linux-x86-64.so.2 (GLIBC_2.3) => /lib64/ld-linux-x86-64.so.2 libm.so.6 (GLIBC_2.2.5) => /usr/lib64/libm.so.6 libgcc_s.so.1 (GCC_4.2.0) => /usr/lib64/libgcc_s.so.1 libgcc_s.so.1 (GCC_3.3) => /usr/lib64/libgcc_s.so.1 libgcc_s.so.1 (GCC_3.0) => /usr/lib64/libgcc_s.so.1 libc.so.6 (GLIBC_2.14) => /usr/lib64/libc.so.6 libc.so.6 (GLIBC_2.4) => /usr/lib64/libc.so.6 libc.so.6 (GLIBC_2.3) => /usr/lib64/libc.so.6 libc.so.6 (GLIBC_2.3.2) => /usr/lib64/libc.so.6 libc.so.6 (GLIBC_2.2.5) => /usr/lib64/libc.so.6 /usr/lib64/libgcc_s.so.1: libc.so.6 (GLIBC_2.14) => /usr/lib64/libc.so.6 libc.so.6 (GLIBC_2.2.5) => /usr/lib64/libc.so.6 /usr/lib64/libc.so.6: ld-linux-x86-64.so.2 (GLIBC_2.3) => /lib64/ld-linux-x86-64.so.2 ld-linux-x86-64.so.2 (GLIBC_PRIVATE) => /lib64/ld-linux-x86-64.so.2 /usr/lib64/libltdl.so.7: libdl.so.2 (GLIBC_2.2.5) => /usr/lib64/libdl.so.2 libc.so.6 (GLIBC_2.3.4) => /usr/lib64/libc.so.6 libc.so.6 (GLIBC_2.3) => /usr/lib64/libc.so.6 libc.so.6 (GLIBC_2.14) => /usr/lib64/libc.so.6 libc.so.6 (GLIBC_2.4) => /usr/lib64/libc.so.6 libc.so.6 (GLIBC_2.2.5) => /usr/lib64/libc.so.6 /usr/lib64/libgssapi_krb5.so.2: libk5crypto.so.3 (k5crypto_3_MIT) => /usr/lib64/libk5crypto.so.3 libkrb5support.so.0 (krb5support_0_MIT) => /usr/lib64/libkrb5support.so.0 libc.so.6 (GLIBC_2.3) => /usr/lib64/libc.so.6 libc.so.6 (GLIBC_2.14) => /usr/lib64/libc.so.6 libc.so.6 (GLIBC_2.8) => /usr/lib64/libc.so.6 libc.so.6 (GLIBC_2.4) => /usr/lib64/libc.so.6 libc.so.6 (GLIBC_2.3.4) => /usr/lib64/libc.so.6 libc.so.6 (GLIBC_2.2.5) => /usr/lib64/libc.so.6 libkrb5.so.3 (krb5_3_MIT) => /usr/lib64/libkrb5.so.3 /usr/lib64/libkrb5.so.3: libresolv.so.2 (GLIBC_2.2.5) => /usr/lib64/libresolv.so.2 libk5crypto.so.3 (k5crypto_3_MIT) => /usr/lib64/libk5crypto.so.3 libkrb5support.so.0 (krb5support_0_MIT) => /usr/lib64/libkrb5support.so.0 libkeyutils.so.1 (KEYUTILS_1.0) => /usr/lib64/libkeyutils.so.1 libkeyutils.so.1 (KEYUTILS_1.5) => /usr/lib64/libkeyutils.so.1 libkeyutils.so.1 (KEYUTILS_0.3) => /usr/lib64/libkeyutils.so.1 libc.so.6 (GLIBC_2.14) => /usr/lib64/libc.so.6 libc.so.6 (GLIBC_2.8) => /usr/lib64/libc.so.6 libc.so.6 (GLIBC_2.16) => /usr/lib64/libc.so.6 libc.so.6 (GLIBC_2.4) => /usr/lib64/libc.so.6 libc.so.6 (GLIBC_2.3.4) => /usr/lib64/libc.so.6 libc.so.6 (GLIBC_2.2.5) => /usr/lib64/libc.so.6 libc.so.6 (GLIBC_2.3) => /usr/lib64/libc.so.6 /usr/lib64/libcom_err.so.2: ld-linux-x86-64.so.2 (GLIBC_2.3) => /lib64/ld-linux-x86-64.so.2 libpthread.so.0 (GLIBC_2.2.5) => /usr/lib64/libpthread.so.0 libc.so.6 (GLIBC_2.4) => /usr/lib64/libc.so.6 libc.so.6 (GLIBC_2.17) => /usr/lib64/libc.so.6 libc.so.6 (GLIBC_2.3.4) => /usr/lib64/libc.so.6 libc.so.6 (GLIBC_2.2.5) => /usr/lib64/libc.so.6 /usr/lib64/libk5crypto.so.3: libc.so.6 (GLIBC_2.3) => /usr/lib64/libc.so.6 libc.so.6 (GLIBC_2.14) => /usr/lib64/libc.so.6 libc.so.6 (GLIBC_2.3.4) => /usr/lib64/libc.so.6 libc.so.6 (GLIBC_2.4) => /usr/lib64/libc.so.6 libc.so.6 (GLIBC_2.2.5) => /usr/lib64/libc.so.6 libkrb5support.so.0 (krb5support_0_MIT) => /usr/lib64/libkrb5support.so.0 /usr/lib64/libz.so.1: libc.so.6 (GLIBC_2.3.4) => /usr/lib64/libc.so.6 libc.so.6 (GLIBC_2.14) => /usr/lib64/libc.so.6 libc.so.6 (GLIBC_2.4) => /usr/lib64/libc.so.6 libc.so.6 (GLIBC_2.2.5) => /usr/lib64/libc.so.6 /usr/lib64/libkrb5support.so.0: libdl.so.2 (GLIBC_2.2.5) => /usr/lib64/libdl.so.2 libc.so.6 (GLIBC_2.14) => /usr/lib64/libc.so.6 libc.so.6 (GLIBC_2.8) => /usr/lib64/libc.so.6 libc.so.6 (GLIBC_2.4) => /usr/lib64/libc.so.6 libc.so.6 (GLIBC_2.7) => /usr/lib64/libc.so.6 libc.so.6 (GLIBC_2.2.5) => /usr/lib64/libc.so.6 libc.so.6 (GLIBC_2.3.4) => /usr/lib64/libc.so.6 /usr/lib64/libkeyutils.so.1: libc.so.6 (GLIBC_2.3.4) => /usr/lib64/libc.so.6 libc.so.6 (GLIBC_2.7) => /usr/lib64/libc.so.6 libc.so.6 (GLIBC_2.14) => /usr/lib64/libc.so.6 libc.so.6 (GLIBC_2.4) => /usr/lib64/libc.so.6 libc.so.6 (GLIBC_2.2.5) => /usr/lib64/libc.so.6 /usr/lib64/libresolv.so.2: libc.so.6 (GLIBC_2.14) => /usr/lib64/libc.so.6 libc.so.6 (GLIBC_2.4) => /usr/lib64/libc.so.6 libc.so.6 (GLIBC_PRIVATE) => /usr/lib64/libc.so.6 libc.so.6 (GLIBC_2.2.5) => /usr/lib64/libc.so.6 libc.so.6 (GLIBC_2.3) => /usr/lib64/libc.so.6 /usr/lib64/libselinux.so.1: libdl.so.2 (GLIBC_2.2.5) => /usr/lib64/libdl.so.2 ld-linux-x86-64.so.2 (GLIBC_2.3) => /lib64/ld-linux-x86-64.so.2 libc.so.6 (GLIBC_2.14) => /usr/lib64/libc.so.6 libc.so.6 (GLIBC_2.8) => /usr/lib64/libc.so.6 libc.so.6 (GLIBC_2.4) => /usr/lib64/libc.so.6 libc.so.6 (GLIBC_2.7) => /usr/lib64/libc.so.6 libc.so.6 (GLIBC_2.3) => /usr/lib64/libc.so.6 libc.so.6 (GLIBC_2.2.5) => /usr/lib64/libc.so.6 libc.so.6 (GLIBC_2.3.4) => /usr/lib64/libc.so.6 /usr/lib64/libpcre.so.1: libpthread.so.0 (GLIBC_2.2.5) => /usr/lib64/libpthread.so.0 libc.so.6 (GLIBC_2.14) => /usr/lib64/libc.so.6 libc.so.6 (GLIBC_2.3.4) => /usr/lib64/libc.so.6 libc.so.6 (GLIBC_2.4) => /usr/lib64/libc.so.6 libc.so.6 (GLIBC_2.2.5) => /usr/lib64/libc.so.6 libc.so.6 (GLIBC_2.3) => /usr/lib64/libc.so.6
I can see the following in servers /var/log/messages
Apr 23 11:43:16 era server: Apr 23, 2018 11:43:16 AM sk.eset.era.g2webconsole.server.modules.logger.FileLogWriter addItem Apr 23 11:43:16 era server: INFO: [2018-04-23 11:43:16.755] V3 [] <INFO> Generating main page HTML using locale: en_US Apr 23 11:43:17 era server: Apr 23, 2018 11:43:17 AM sk.eset.era.g2webconsole.server.modules.logger.FileLogWriter addItem Apr 23 11:43:17 era server: INFO: [2018-04-23 11:43:17.491] V2 [] <INFO> Console requests webserver info. Apr 23 11:43:18 era server: Apr 23, 2018 11:43:18 AM sk.eset.era.g2webconsole.server.modules.logger.FileLogWriter addItem Apr 23 11:43:18 era server: INFO: [2018-04-23 11:43:18.717] V2 [] <INFO> User sends request for authentification using login name Administrator, domain false, locale en_US and cookies true (192.168.0.19). Apr 23 11:43:18 era server: Apr 23, 2018 11:43:18 AM sk.eset.era.g2webconsole.server.modules.logger.FileLogWriter addItem Apr 23 11:43:18 era server: INFO: [2018-04-23 11:43:18.720] V2 [] <INFO> Closing connection Apr 23 11:43:18 era server: Apr 23, 2018 11:43:18 AM sk.eset.era.g2webconsole.server.modules.logger.FileLogWriter addItem Apr 23 11:43:18 era server: INFO: [2018-04-23 11:43:18.720] V2 [Administrator] <WARNING> Login (session creation) failed (code 3) from address 192.168.0.19. Apr 23 11:43:18 era server: Apr 23, 2018 11:43:18 AM sk.eset.era.g2webconsole.server.modules.logger.FileLogWriter addItem Apr 23 11:43:18 era server: INFO: [2018-04-23 11:43:18.721] V1 [Administrator] <TRACE> Login failed. Reason: Connection failed 'NOT_CONNECTED' Apr 23 11:43:18 era server: Apr 23, 2018 11:43:18 AM sk.eset.era.g2webconsole.server.modules.logger.FileLogWriter addItem Apr 23 11:43:18 era server: INFO: [2018-04-23 11:43:18.725] V2 [] <ERROR> Connection closing because of ERA server communication processing error: Connection refused Apr 23 11:43:18 era server: Apr 23, 2018 11:43:18 AM sk.eset.era.g2webconsole.server.modules.logger.FileLogWriter addItem Apr 23 11:43:18 era server: INFO: [2018-04-23 11:43:18.725] V2 [] <ERROR> Connection closing because of ERA server communication error: Connection refused Apr 23 11:43:18 era server: Apr 23, 2018 11:43:18 AM sk.eset.era.g2webconsole.server.modules.logger.FileLogWriter addItem Apr 23 11:43:18 era server: INFO: [2018-04-23 11:43:18.727] V2 [] <INFO> Closing connection
How can I solve the problem?
-
I have just found one hxxp://support.eset.com/en_EN/browse/ but there is no corresponding RSS feed.
hxxp://support.eset.com/en_EN/browse/?segment=business for business.
-
Is it any RSS feed or even regular web page with last ESET Alerts and new or updated KB articles similar to hxxp://support.eset.com/news/
Or where can I see all hxxp://support.eset.com/alert****/ and hxxp://support.eset.com/kb****/ in chronological order?
-
26 minutes ago, MichalJ said:
Policy settings could be done the way, that you run the learning mode, while the master policy is not applied (not assigned to clients), then request its configuration via task, convert the configurstion into policy and apply it together with your master policy, with a corresponding flag (prepend / append). That would apply both the learning mode settings and master policy.
Sorry... Can you explain it in more details...
I have no idea how particularly it can be implemented.
-
1 hour ago, MichalJ said:
Do you have an policy in ERA v6 that configured also firewall rules?
Yes. I have applied the hxxp://support.eset.com/kb6132/ recommendations.
1 hour ago, MichalJ said:Only workaround is, to de-apply the policy with firewall rules, so values becomes "read-write" again.
What do you mean by "de-apply"? Do you suggest to remove all the firewall policies from the server?
How the policy would becomes "read-write" again?
-
Hello
I noticed that following problems with all my Endpoint Security clients:
- Endpoint Security clients fail to save / create a new firewall rules in Learning Mode
- Endpoint Security clients unable to save new rules with Network troubleshooting wizard at all clients
I suggest it's some thing wrong with my polices at the server...
I have ESET Remote Administrator Server 6.5.417.0 and ESET ENDPOINT SECURITY 6.5.2094.0
How can I create different custom rules for small amount of particular endpoint security clients with. When which one of them needs different custom rules.
-
How do I configure Presentation mode on client workstations? - hxxp://support.eset.com/kb5672
-
1 hour ago, MartinK said:
Content of uncached-requests.log seems to be fine -> metadata file update.ver is intentionaly not cached. Invalidated requests are also as expected: those queries are not cached.
Unfortunatelly there are no operations that are supposed to be cached (= download of updatable modules or installers). I would expect them to be listed as revalidated or missed. Maybe logging was not running long enough and there were no updates downloaded?
There is also one other method how to check whether cacheing works -> you can list cache content using command htcacheclean which should be part of apache proxy installation. Not sure of the exact syntax, but something like:
htcacheclean -v -a -p <path to cache directory>
should list cached entries with details.
Thank you MartinK
Your assumption was correct. The logging wasn't running long enough...
Now I can see some activity at revalidated-requests.log :
Quoteusername@proxy-era:~$ cat /etc/apache2/revalidated-requests.log
192.168.0.68 - - [03/May/2017:16:15:45 +0300] "GET hxxp://update.eset.com/ep6-rel-bat/mod_042_netprot_1755/em042_32_n1.nup HTTP/1.1" 200 7201
192.168.0.56 - - [03/May/2017:16:18:43 +0300] "GET hxxp://update.eset.com/ep6-rel-bat/mod_002_engine_33258/em002_32_n1.nup HTTP/1.1" 200 49696
192.168.0.56 - - [03/May/2017:16:18:44 +0300] "GET hxxp://update.eset.com/ep6-rel-bat/mod_021_horus_10604/em021_32_n2.nup HTTP/1.1" 200 28521
192.168.0.56 - - [03/May/2017:16:18:44 +0300] "GET hxxp://update.eset.com/ep6-rel-bat/mod_023_pegasus_10135/em023_32_n3.nup HTTP/1.1" 200 44005
192.168.0.56 - - [03/May/2017:16:18:45 +0300] "GET hxxp://update.eset.com/ep6-rel-bat/mod_042_netprot_1755/em042_32_n1.nup HTTP/1.1" 200 7201 -
On 4/27/2017 at 10:42 PM, MartinK said:
My personal recommendation is to enable status logs (https://httpd.apache.org/docs/2.4/mod/mod_cache.html#status) that will log each cahce hit or miss. This will enable you to check whether any requests are handled by cache and whether they are actually served from cache.
OK
I enabled apache's status logging according to https://httpd.apache.org/docs/current/mod/mod_cache.html#status
I can see that cached-requests.log and revalidated-requests.log are empty.
When uncached-requests.log contains:
Quoteusermane@proxy-era:/etc$ cat /etc/apache2/uncached-requests.log
192.168.0.68 - - [03/May/2017:15:27:47 +0300] "GET hxxp://update.eset.com/eset_upd/ep6/update.ver HTTP/1.1" 200 11167
192.168.0.68 - - [03/May/2017:15:28:03 +0300] "GET hxxp://update.eset.com/eset_upd/ep6/update.ver HTTP/1.1" 200 11167
192.168.0.68 - - [03/May/2017:15:28:20 +0300] "GET hxxp://update.eset.com/eset_upd/ep6/update.ver HTTP/1.1" 200 11167
192.168.0.68 - - [03/May/2017:15:28:35 +0300] "GET hxxp://update.eset.com/eset_upd/ep6/update.ver HTTP/1.1" 200 11167
192.168.0.68 - - [03/May/2017:15:28:51 +0300] "GET hxxp://update.eset.com/eset_upd/ep6/update.ver HTTP/1.1" 200 11167
192.168.0.183 - - [03/May/2017:15:29:04 +0300] "GET hxxp://update.eset.com/eset_upd/ep6/update.ver HTTP/1.1" 200 11167
192.168.0.68 - - [03/May/2017:15:29:06 +0300] "GET hxxp://update.eset.com/eset_upd/ep6/update.ver HTTP/1.1" 200 11167
192.168.0.38 - - [03/May/2017:15:29:08 +0300] "GET hxxp://update.eset.com/eset_upd/era6/update.ver HTTP/1.1" 200 2524
192.168.0.100 - - [03/May/2017:15:29:12 +0300] "GET hxxp://update.eset.com/eset_upd/era6/update.ver HTTP/1.1" 200 2524
......And invalidated-requests.log
Quoteusermane@proxy-era:/etc$ cat /etc/apache2/invalidated-requests.log
192.168.0.97 - - [03/May/2017:15:28:00 +0300] "POST hxxp://i4.c.eset.com:80/ HTTP/1.1" 200 11085
192.168.0.32 - - [03/May/2017:15:28:25 +0300] "POST hxxp://i4.c.eset.com:80/ HTTP/1.1" 200 11085
192.168.0.116 - - [03/May/2017:15:29:01 +0300] "POST hxxp://i4.c.eset.com:80/ HTTP/1.1" 200 11085
192.168.0.40 - - [03/May/2017:15:29:03 +0300] "POST hxxp://i4.c.eset.com:80/ HTTP/1.1" 200 11085
192.168.0.183 - - [03/May/2017:15:29:04 +0300] "POST hxxp://ts.eset.com:80/query/chsquery.php HTTP/1.1" 200 213
192.168.0.183 - - [03/May/2017:15:29:04 +0300] "POST hxxp://ts.eset.com:80/query/chsquery.php HTTP/1.1" 200 310
192.168.0.183 - - [03/May/2017:15:29:04 +0300] "POST hxxp://ts.eset.com:80/query/chsquery.php HTTP/1.1" 200 213
192.168.0.183 - - [03/May/2017:15:29:04 +0300] "POST hxxp://ts.eset.com:80/query/chsquery.php HTTP/1.1" 200 310
192.168.0.95 - - [03/May/2017:15:29:09 +0300] "POST hxxp://i4.c.eset.com:80/ HTTP/1.1" 200 11085
192.168.0.35 - - [03/May/2017:15:29:21 +0300] "POST hxxp://i4.c.eset.com:80/ HTTP/1.1" 200 11085
.....Volume of /var/cache/apache2/mod_cache_disk is 103M
Quoteusermane@proxy-era:/etc$ sudo du -shc /var/cache/apache2/mod_cache_disk
103M /var/cache/apache2/mod_cache_disk
103M totalWhat does it mean? Does caching work or is it just proxy without any caching?
-
12 hours ago, MartinK said:
My personal recommendation is to enable status logs (https://httpd.apache.org/docs/2.4/mod/mod_cache.html#status) that will log each cahce hit or miss. This will enable you to check whether any requests are handled by cache and whether they are actually served from cache.
It is also possible to use various apache modules for monitoring status and load. For example module mod_status (blog) may help you to monitor at least server activity, number of connections and transferred bytes.
Thank you.
It's quite a lot material to digest for me....
I'm not familiar enough with Linux's server side yet....
-
Hi
How can I verify that Endpoint clients and agents (configuration according to hxxp://support.eset.com/kb5950/#Policy2useHttpProxy) are using my new Apache HTTP Proxy?
And how can I verify that Apache HTTP Proxy is properly functioning?
I have Windows domain with ERA Server (based on CentOS virtual appliance) at one host ERA Apache HTTP proxy based on Ubuntu 16.04 server (configuration according to hxxp://help.eset.com/era_install/65/en-US/index.html?http_proxy_installation_linux.htm).
-
On 3/30/2017 at 5:49 PM, Marcos said:
/root/firewall.sh
There is no such file at my ERA 6.5.31.0 VA
[root@ERA ~]# ls -al /root/ total 1344 dr-xr-x---. 10 root root 4096 Apr 6 14:39 . dr-xr-xr-x. 17 root root 4096 Mar 30 17:04 .. -rwxr-xr-x. 1 root root 1188 Apr 26 2016 appliance-boot.sh lrwxrwxrwx. 1 root root 36 Apr 25 2016 appliance-configuration-log.txt -> /tmp/appliance-configuration-log.txt -rw-r--r--. 1 root root 0 Mar 30 16:37 appliance-configured-manually -rw-r--r--. 1 root root 0 Mar 30 16:37 appliance-configured-successfully -rwxr-xr-x. 1 root root 1218496 Feb 15 2016 appliance-gui -rw-r--r--. 1 root root 1640 May 5 2016 appliance-gui-menu-configured-server.txt -rw-r--r--. 1 root root 470 Feb 17 2016 appliance-gui-menu-configured.txt -rw-r--r--. 1 root root 551 Oct 14 07:14 appliance-gui-menu-configured-vagenthost.txt -rw-r--r--. 1 root root 1640 Mar 30 16:37 appliance-gui-menu.txt -rw-r--r--. 1 root root 638 Mar 1 2016 appliance-gui-menu-unconfigured.txt drwxr-xr-x. 3 root root 4096 Mar 30 16:31 appliance-web-conf -rw-------. 1 root root 1670 Apr 6 17:23 .bash_history -rw-r--r--. 1 root root 18 Dec 29 2013 .bash_logout -rw-r--r--. 1 root root 10010 Aug 22 2016 .bash_profile -rw-r--r--. 1 root root 176 Dec 29 2013 .bashrc -rwxr-xr-x. 1 root root 7983 Jan 17 15:08 clear-previous-installation.sh drwxr-xr-x. 3 root root 4096 Jun 8 2016 conf-backup drwx------. 3 root root 17 Feb 4 2016 .config -rwxr-xr-x. 1 root root 1437 Apr 26 2016 configure-domain.sh -rw-r--r--. 1 root root 100 Dec 29 2013 .cshrc -rw-r--r--. 1 root root 38881 Mar 9 20:40 era-appliance.pyc drwxr-xr-x. 2 root root 4096 Mar 9 20:41 eset_installers drwx------. 2 root root 94 Apr 9 09:21 .gnupg -rw-r--r--. 1 root root 2655 May 5 2015 help-with-domain.txt -rw-------. 1 root root 170 Feb 15 2016 .lesshst drwx------. 2 root root 43 Apr 6 15:12 .links -rw-------. 1 root root 0 Mar 30 16:30 .mysql_history -rw-r--r--. 1 root root 1270 Mar 30 16:37 ovf.xml drwxr-----. 3 root root 18 Feb 4 2016 .pki -rwxr-xr-x. 1 root root 277 Feb 16 2016 rejoin-domain.sh -rw-------. 1 root root 1024 Feb 11 2016 .rnd drwxr-xr-x. 3 root root 4096 Feb 18 2016 system-backup -rw-r--r--. 1 root root 129 Dec 29 2013 .tcshrc -rw-r--r--. 1 root root 0 Mar 30 17:02 webmin-is-enabled
I have access to ERA true https and SSH. But can't ping it. I get "request timed out" when pinging to ERA with it's IP.
Can not log in into Remote Administrator Web Console
in ESET PROTECT On-prem (Remote Management)
Posted
Keep toying with it ;-P