M.Wajahat

Issue resolved by renewing ESET license

I have upgraded ESET gateway security product from version 4.5.7 to 4.5.11 Everything is working fine except that it is unable to start icap service (esets_icap) and return error code 69. I am also getting the following error in squid logs. "optional ICAP service is down after an options fetch failure: icap://127.0.0.1:1344/av_scan [down,!opt]" while esets_daemon shows the error "error[64120000]: Child process icap[23248] terminated with return code 69". Further, virus files are also not blocked by Eset. Kindly help.

I am trying to collect useful threat details from ESET logs. Is there any way to get Source and Destination IP addresses of threat in syslog of ESET ? Kindly give any solution.

I am getting logs in /var/log/messages but the information is incomplete. For eg: Aug 21 14:57:16 server-xxxx esets_daemon[3898]: summ[0f3a0208]: vdb=34471, agent=icap, name="hxxp://www.eicar.org/download/eicar.com.txt", virus="Eicar test file", action="cleaned by deleting", info="", avstatus="clean (deleted)", hop="discarded" Aug 21 14:57:16 lux-126-02-01 esets_icap[3906]: summ[0f420101]: method="RESPMOD", object="hxxp://www.eicar.org/download/eicar.com.txt", status="clean (deleted)", action="discarded" I want source and destination IP addresses which I am not getting from logs.

We don't use ESET Remote Administrator. We require threat detection parameters (mentioned in question) so that we could dump these in our central database. I don't know whether these parameters are available in threatlog.dat file because I am unable to convert it into a TXT file.

Hi, I am using ESET end-point security product and my username is EAV-00186105. I want to view details of malware and threats detected by ESET. These details must at least include :- 1) Threat name 2) Threat source URL 3) Source IP Address 4) Destination IP Address 5) Threat detection time etc. I have read ESET user-guide but there is nothing about logs collection. Kindly give a handy solution. Thanks