katbert

This is a bug or by-design? In EDTD help described upload of EICAR test file (100%-known malware) https://help.eset.com/edtd/en-US/?submit_esmc.html

Is it possible to send known threats to EDTD? It my test environment I extracted files mimikatz_trunk.zip. Almost all files was deleted by on-access protection. In ESMC console I go to Threats and select "thread resolved" filter. I see detected mimikatz modules. I selected one of modules and opened Threat Details. I see Threat name = Win64/Riskware.Mimikatz.D Action taken = cleaned by deleting Scanner = Real-time file system protection In the bottom of Threat Details page I press Send file to EDTD button, and see message of creating client task. One minute ago I see in Client tasks\Eset security product\send file to edtd, and this task was finished successfully But in Submitted files list in ESMC console I don't see this file. And in local interface of File Security - I don't see this file too. Is it bug in ESMC console, or submitting 100%-known threats is not possible?

Thanks for the explanation! And how about certificate issue from my previous post?

we found solution if Windows Server don't trust certificate of ts.eset.com - send files log is empty and no error logged after import Digicert and thatwe root certs - Eset can send files successfuly, and show all previuosly sent files this is a bug, I think

File Security 7.0.12018 don't have log verbosity settings

This screen for Endpoint Security. How to enable diagnostics logging in File Security?

How to enable diagnostic logging?

Yes, with custom files.

We have trial 1-month license for EDTD: ESET Dynamic Threat Defense for Endpoint Security + File Security ESET Dynamic Threat Defense for Mail Security We add license to EBA Account, activete some servers. I see EDTD license in ESMC Console (Computer - show details), and see EDTD settings in local GUI of File Security. If I manually submit files - I see message about successfully sended files. But I don't see submitted files in local GUI or ESMC console, as described here: https://help.eset.com/edtd/en-US/?manual_upload.html Local Sent files log is empty. Agent version is 7.0.577 and File Secuirity version is 7.0.12018

I updated ESMS server components from 7.0.66.1 to 7.0.72.1 (server, agent, web console) using web-console popup window. And I updated Apache HTTP Proxy using all-in-one installer 7.0.72.1. Last step - update Tomcat. I uninstalled Tomcat 7.0.90 from Windows Control Panel, run all-in-one installer and install web console with tomcat 7.0.92 x64. Web console installed successfully and work. But in Windows Control panel\ Programs and features I don't see uninstaller for Tomcat 7-0-92 Is in bug of all-in-one installer 7.0.72.1? And how to uninstall Tomcat 7-0-92 x64 (it may be required to next update)?

I found Component upgrade task description here: https://help.eset.com/esmc_install/70/en-US/components_upgrade.html I updated Apache HTTP Proxy using all-in-one installer: backup configs, stop service, run setup.exe. Apache HTTP Proxy updatet successfully. https://help.eset.com/esmc_install/70/en-US/upgrade_apache_http_proxy_windows_instructions_allinone.html But in Windows Control Panel \ Programs and fetures - I see Apache HTTP Proxy with old installetion date and without version Is it normal?

I updated ESMC Server in the test environment. In the server's trace.log file I found events about database upgrade, and final event:

I run upgrade from popup window in ESMC web console, logoff from web console and close browser. This is recommended way to update ESMC from 7.0.66 to 7.0.72: https://help.eset.com/esmc_install/70/en-US/upgrade_procedures.html In Windows Application eventlog I see events fro MsiInstaller - about successfully update server_x64.msi (with reboot suppressed) and agent_x64.msi. Final event in Application evenltog is era-updater Execution finished with 0x0: (0x0), In Windows Control Panes - I see, only Server and Agent updated to version 7.0.577.0. Tomcat and Apache http proxy have old versions. My questions: How can I see end of upgrade process, launched from web console popup window? How can I see end of database update process (which can work some time in ver 6.x - and admin can't login console) Which ESMC Components I still need to update manually?

I want to log all files, scanned by real-time protection. I'm using Eset File Security 6.5.12014.1 I enable "Log all objects" option in settings \ Real-time file system protection \ ThreatSense parameters But I don't see any logs. Where can I find them?

I'm in process of upgrade ERA from 6.5.34.0 to v7 Upgrading Webconsole steps from: https://support.eset.com/KB6925/ Stop Tomcat service, backup 3 configs: .keystore, server.xml and EraWebServerConfig.properties uninstall old Tomcat install new Webconsole and Tomcat from all-in-one installer v7 restore 3 configs I compare configs from backup (which used by Webconsole v 6.5) and new-genegatet configs from Webconsole v7 I see, what server.xml - have only one difference - password to keystore. So, restoring of server.xml + keystore - restore ONLY self-signed certificate of Webconsole v6. I'm right?