Jump to content

MichalJ

ESET Staff
  • Content Count

    1,804
  • Joined

  • Days Won

    56

Kudos

  1. Upvote
    MichalJ received kudos from m.gospodinov in dynamic groups expressions, update antivirus on list of computers, delete a trigger   
    When you remove the "offline computers", is the checkbox "deactivate license" checked? As licensing is evaluated on the cloud licensing servers, you need to make sure, that checkbox for license removal is set. Also, you will have to click "synchronize licenses" in the license screen, to update the listing, as by default it refreshes every 24 hours. 
  2. Upvote
    MichalJ received kudos from m.gospodinov in dynamic groups expressions, update antivirus on list of computers, delete a trigger   
    Hello, I will try to give you some advice:
    Your fist case, should be done in a way that you use "nested dynamic groups". First one will do "Machine is not Windows XP" where I would recommend solution when you first filter out Windows XP machines:  Then you will filter out the ones that do not have the right version:  You can run a task on a list of computers differently: Select them in the computers table, choose each entry, and then click in the footer button "actions" and run task  From the task wizard, when you specify a trigger, you can inside specify either "add groups" or "add computers". When you click "add computers" you can choose whatever computer you like.  When you are in the "client tasks" section, and you expand the entry of the task, grey lines are for triggers. If you click on the "trigger entry" it shows you "delete". Afterwards the console asks you whether you want to delete a trigger.  In client tasks section.  It will install over, perform the upgrade of the computer. However, if you have already Agent installed, the most convenient way is to use software install task.   
     


  3. Upvote
    MichalJ received kudos from m.gospodinov in dynamic groups expressions, update antivirus on list of computers, delete a trigger   
    For number 1, maybe @MartinK might be able to shed some light. I can confirm that the "is one of" and "is not one of" is working for me OK. 
    Point in 6 is related to the fact, that the underlying data is not correlated with computer information. However I do agree, it would be a good idea to have it somehow interconnected, so I will report an improvement request for that.  However, you can apply a filter on "dynamic group" so if you have a DG set on particular criteria, you can also filter the report (for example windows XP DG). 
  4. Upvote
    MichalJ received kudos from m.gospodinov in dynamic groups expressions, update antivirus on list of computers, delete a trigger   
    With regards to the number 7, this functionality will be available in the next release. You will have an option to download the generated report output directly from the dashboard.
    What is also possible in current version is, that when you drill down, apply filters, you can click "generate and download", to get the data exported in CSV format. 
     


  5. Upvote
    MichalJ gave kudos to Aad Slingerland in Fresh ESET Security Management Center Setup but rubbish certificate for browser   
    Just installed this certificate (with the aid of internet explorer) in the collection 'trusted root certificates' and the annoying error when launching IE or Chrome is gone. This will do for me for now. Thanks again.
  6. Upvote
    MichalJ gave kudos to igi008 in Scan office 365   
    Hello serlockwright,
    thank you very much for your question.
    Please, could you provide more details about your environment? (Version of ESET Mail Security for Microsoft Exchange Server (my recommendation is newest one); MS Exchange version in hybrid-mode).
    I suggest firstly look at the following:
    Make sure, that you are using hybrid Environment (it is prerequisite for this feature: https://help.eset.com/emsx/7.1/en-US/idh_xmon_ondemand_hybrid_dlg.html)  Look if you have configured Office 365 Account: https://help.eset.com/emsx/7.1/en-US/idh_config_mailserver_ondemand.html#office365 Thank you very much for using ESET product
    We will be happy if we can help you to find a solution to your problem or if we can improve our product.
  7. Upvote
    MichalJ gave kudos to marco1958 in EFS4Linux on RHEL7 & RHEL8   
    After cleaning old ESET file security 4 Linux & agent files I installed using the commands given below.
    Worked like a charm on RHEL8!
    On RHEL7 I had to killed the first startd (parent init) to get the other processes running.
    Looks as a major improvement compared to the old 4 version. Did not test thoroughly yet.
    Needed "systemctl enable eraagent && systemctl start eraagent" to survive a reboot.
     
    # wget https://download.eset.com/com/eset/apps/business/efs/linux/latest/efs.x86_64.bin # wget https://download.eset.com/com/eset/apps/business/era/agent/v7/latest/agent-linux-x86_64.sh # sh ./efs.x86_64.bin # {yum|dnf} install efs-7.0.1152.0.x86_64.rpm # /opt/eset/efs/sbin/setgui -gre # /opt/eset/efs/sbin/startd # sh agent-linux-x86_64.sh --skip-license --cert-auto-confirm \ --hostname=raserver --port=2222 \ --webconsole-hostname=raserver --webconsole-port=2223 \ --webconsole-user="user" --webconsole-password="password" : Initialized log file: /var/log/eset/RemoteAdministrator/EraAgentInstaller.log : ESET Management Agent Installer (version: 7.1.367.0), ... Creating directories... : Service started. Product installed. # ps -ef | grep efs root 6319 1 0 12:53 ? 00:00:00 /opt/eset/efs/sbin/startd eset-ef+ 6323 6319 0 12:53 ? 00:00:00 /opt/eset/efs/lib/logd root 6324 6319 0 12:53 ? 00:00:00 /opt/eset/efs/lib/sysinfod eset-ef+ 6325 6319 3 12:53 ? 00:00:20 /opt/eset/efs/lib/updated eset-ef+ 6326 6319 0 12:53 ? 00:00:00 /opt/eset/efs/lib/licensed eset-ef+ 6327 6319 0 12:53 ? 00:00:01 /opt/eset/efs/lib/confd root 6332 6319 0 12:53 ? 00:00:00 /opt/eset/efs/lib/oaeventd eset-ef+ 6337 6319 22 12:53 ? 00:02:34 /opt/eset/efs/lib/scand eset-ef+ 6404 6319 0 12:54 ? 00:00:00 /opt/eset/efs/lib/webd/backend/webd eset-ef+ 6418 6319 0 12:54 ? 00:00:00 /opt/eset/efs/lib/authd root 6769 6319 0 12:59 ? 00:00:00 /opt/eset/efs/lib/execd
  8. Upvote
    MichalJ gave kudos to Marcos in policy values are read only   
    It's clear now. You clicked the Settings tab to view a policy instead of selecting Edit from the menu:

     

     
  9. Upvote
    MichalJ gave kudos to MartinK in Automatic FQDN rename not working   
    Is there any known method you are already using to fetch FQDN on those machines? For example some command line tool, shell command, etc.? Does output of any of following command:
    hostname hostname -f scutil --get ComputerName scutil --get HostName scutil --get LocalHostName sysctl -a mention value that could be possibly used as FQDN?
    We have already seen machines that were configured in a way that they were not aware of their's FQDN, it was available only on DNS servers, but that is problem for ESMC Agent which requires data to be available locally.
  10. Upvote
    MichalJ gave kudos to MartinK in Automatic FQDN rename not working   
    Value of kern.hostname should be actually used by AGENT so setting it should resolve problem. There is definitely no need to reinstall AGENT -> hostname is not fetched very often, so easiest would be to restart AGENT's service. It can be done using following commands in root terminal:
    cd "/Applications/ESET Remote Administrator Agent.app" ./Contents/Scripts/restart_agent.sh  
  11. Upvote
    MichalJ received kudos from display3958023 in Cannot Find MacOS Products when Creating Installer   
    @display3958023 The reason is simple. All in one installer is available only for Windows.  Information is available in the help of ESET Remote Administrator: https://help.eset.com/era_admin/65/en-US/deployment_scenarios.html?fs_local_deployment_aio_create.html
    In case of a mac product, you can either generate an agent live installer script, or deploy the agent installer manually. Installation of the security software product can be then performed using a software install task. 
    PS: I would strongly recommend to upgrade your server to ESET Security Management Center V7, which was released more than a year ago. 
  12. Upvote
    MichalJ received kudos from display3958023 in Cannot Find MacOS Products when Creating Installer   
    You can download the standalone mac endpoint installer at eset.com (download section). Specifically here: https://www.eset.com/int/business/endpoint-antivirus-mac/download/ 
    Installation works in the way, that when you choose a product you want to install, agent will connect to ESET Repository (cloud download server), and will download and installed the respective product. You can cache installers by a proxy server placed in between, to optimize a network traffic. 
    With regards to the appliance upgrade, instructions are available in the documentation: https://help.eset.com/esmc_deploy_va/70/en-US/va_upgrade_migrate.html 
  13. Upvote
    MichalJ gave kudos to Marcos in Notification when user disables Endpoint Security modules   
    There is a default dynamic group Problematic computers which is defined as:

    That said, any machines that have a protection feature disabled will fall into this dynamic group.
    Then in Notifications enable this one which you can customize, if needed:


  14. Upvote
    MichalJ received kudos from serlockwright in Collect log policy   
    Details are provided here, on the forum post: 
     
  15. Upvote
    MichalJ received kudos from roga in esmc server not talking to itself   
    Then the only option will be to remove the agent, and try to install it again. 
  16. Upvote
    MichalJ received kudos from JirkaL in Disable Rogue Agent+LDAP   
    Hello Jirka,
    For the first problem, I would first apply "reset the RD sensor database" task, to validate whether the white-list is working (as once reported the data are kept, even in case the RD sensor whitelist is actually working). Alternatively, I would uninstall the RD sensor at all, if it reports too many false positives.
    With regards to the second problem, I would recommend to contact your customer care, as the error is generic, and does not give is exact reasoning for what might be the failure. 
    Regards,
    Michal 
  17. Upvote
    MichalJ received kudos from OrthoC in Task to upgrade to latest version?   
    @OrthoC Ok, so no "care-less" but "effortless"   We are working hard to design applications that will be simpler and would require fewer clicks, fewer steps, and fewer time in general to work with them. And automation is one of the paths we will for sure follow. This exactly shows us, how important this is! 
  18. Upvote
    MichalJ received kudos from Mirek S. in Future changes to ESET Security Management Center / ESET Remote Administrator   
    @andy_s We will track this as an improvement request, towards the future versions. Issue is, that the "upgrade" itself is handled by Endpoint (in case you execute scan and select option "shutdown after scan"), and Endpoint does not initiate agent wakeup to report scan completion. It simply triggers shutdown, before the result is replicated.
    Maybe, if you are willing to, can you explain why are you shutting down the machines? Is it to save power over weekends, or? As there might be different way how to achieve that. One that will report "success" would be a run command, with a respective windows shutdown / with delay, as task would report "Success" not in the moment of task execution, but on the moment when it contacted WMI provider with the command the reboot. If system acknowledged, it will report success.  Also, out of curiosity, what is your replication interval?
  19. Upvote
    MichalJ received kudos from droezel in Future changes to ESET Endpoint programs   
    @Markwd Hello, there are two reasons. Anti-theft in consumer is focused on device retrieval, not on the data security (no possibility to wipe the disk on the device). Also, the implementation capable of tracking screenshots / photos of the users, might violate a lot of corporate laws / regulations. If Anti-theft is introduced into the business versions, it will have to behave differently. If I can ask you a question, what kind of a problem you would like to solve with it? Would it be intended for device recovery, or more a data removal / prevention of misuse ?
  20. Upvote
    MichalJ received kudos from Peter Randziak in Future changes to ESET Security Management Center / ESET Remote Administrator   
    Hello @Pinni3. To get to your points: 
    For that purpose, we allow nested dynamic groups. Meaning you have your 30 static ones, each one of them could have nested dynamic groups. Our you want to set it in a way, that you for example put the DG under "all" but then say that it needs to be only in the following static groups. Challenge is, that DG is evaluated on the Agent side, and Agent does not always know, in which SG it belongs to (if you move a client, it will need to recalculate all policy assignments for example). Therefore the nested concept.  We are already tracking improvement for that (Internal reference - IDEA-1100) We are working on better auditing changes, to track who / what / when / how was done. (internal reference - IDEA-1371 I am not completely sure what´s the problem here. Purpose of ERA proxy was just to aggregate the data, but at the end it was sent to ERA server, so the amount of DATA sent is not increased when Proxy was deprecated. Just the ESMC server handles more connections directly, due to a changed replication protocol. Also, AFAIK we have bigger installations than 10k on MySQL. Maybe @MartinK can provide some more information on this. 
  21. Upvote
    MichalJ received kudos from katycomputersystems in Future changes to ESET Security Management Center / ESET Remote Administrator   
    @SysEPr Thank you for your feedback: 
    With regards to the first case, we will investigate this behavior. It looks to me more like a bug in the implementation. We will check this internally.  We are planning to introduce more advanced IFTTT (If this then that)  logic, into ESMC, however it will not happen in ESMC 7.1 for sure. But it´s on the roadmap for the future versions, that will allow you to achieve better automation, and such advanced conditions. 
  22. Upvote
    MichalJ received kudos from Peter Randziak in Future changes to ESET Security Management Center / ESET Remote Administrator   
    @tbsky We are not planning to add mariaDB support. Due to our journey to the cloud and also multi-platform compatibility, we will most likely work on the support of MySQL 8 for next major release of ESMC 
  23. Upvote
    MichalJ received kudos from sindbad in Future changes to ESET Security Management Center / ESET Remote Administrator   
    @sindbad We are already tracking improvements to be able to generate reports based on the license usage (used license). I will extend it with your request.
  24. Upvote
    MichalJ received kudos from katycomputersystems in Future changes to ESET Security Management Center / ESET Remote Administrator   
    @katycomputersystems Functionality to change the group in the computer details is coming back. It was accidentally removed during the redesign.
    @Zen11t We have a project/ feature tracked to globally control all of the interactive windows for the future. I will add your comment to there.
  25. Upvote
    MichalJ received kudos from Peter Randziak in Future changes to ESET Security Management Center / ESET Remote Administrator   
    Thank you @Campbell IT Concerning the "logged users" - all is clear. We are already tracking an improvement for that, so I have added your feedback to it. With regards to the "Detection Engine", would the information about "last update attempt" (= when the application contacted ESET Servers, to check whether there is a newer version of any module) or "last successful update" (= when the application actually downloaded any of the newer modules from ESET Servers, which means it´s working with the latest modules), be sufficient to you?
    In the meantime, logic works, that machine changes its status from updated to non-updated after 7 days, and will report a protection status (red) with "modules out of date". If you are more strict with this, what you can do is to shorten the alert interval down to one day, by configuring a setting in a policy for security product as follows:
     

×
×
  • Create New...