offbyone

I think so.
To get sure I did the last change yesterday evening and had a look at the results today. Group was still empty. Then I changed from "regex" to "has prefix" and 10 minutes later I saw the first computer appearing in the group.

As AGENT->ESMC protocol currently used gRPC on application layer (not guaranteed to the future), there are many small projects and proxies that can be used to routing, but in case of security, most reliable solution might be standard TLS termination and forwarding of requests on TCP layer, i.e. without interpreting data and requests itself. This is supported by most of the commonly used proxies ad mentioned previously. It would just require some basic "magic" with certificates. In this configuration, proxy should be just "repacking" TCP traffic from one TLS channel to another, instead of interpreting it + it is possible to configure proxies to be transparent for AGENTs. This kind of configuration is very often used for load balancing.
Your case would be probably best matched by something like TLS pass-through with additional client certificate checks, but it is probably not supported by common proxies, I think it not possible to validate client certificate before connection to backend service (ESMC in this case) is opened, so it would somehow reduce security benefits.

ESMC Agent are using mutually authenticated TLS (both endpoints do have to present with it's certificate), which is protecting underlying HTTP2 requests, so technically it is HTTP2 over TLS.

It's possible to use the PASSWORD="%password%" parameter (https://help.eset.com/era/53/en-US/idh_ra_remoteinst_commandline.html) from the command-line.

I have been able to reproduce the behavior. It seems to me as a bug, so I will report it to our QA / DEV teams. that a confusing description is displayed for the group, as indeed it shows "dynamic group" even when "static group" is set as target. 
It only shows like that when you try to "edit trigger". 

This is not true. It makes good sense to have both static and dynamic groups and users use both a lot. Unlike static groups dynamic groups are evaluated by agent on clients. For instance, with static groups only, it would not be possible to change the membership and run specific tasks on clients if they were not reporting to ESMC (e.g.  roaming clients) and an unhandled threat would be detected.

Hi Team,
 
Description: Example REST API usage with Perl / Python
Detail: An example document on how to use the API with Perl would be helpful you have one using C however I would just like to create a few script based calls to it using Perl for use with Nagios and other systems I have to integrate further with our other tools.
 
Description: Failure Details inside Web Interface,
Detail: Most of the time when a task fails it provides hardly any details why I need to follow the rabbit hole to the trace log,
 
Description: Slackware Linux Support /+ Native x64 support without 32 bit libs
Detail: I run 100s of Slackware Servers and have gone away from multilib etc, Also activate product from Remote Administrator rather than having to download an offline license for them
 
Description: Use Latest option for software install
Detail: Software install of ESET use latest option would be helpful eg tick a box and policy would always use the latest version available of eg Endpoint Antivirus when running the task
 
Description: From Dashboard take filters and generate a Dynamic Group / Action
Detail:  I forever have out of date machine on the dashboard and have to copy the filters down and go an create a dynamic group from them to trigger an upgrade can a button be incorporated ( where you have generate CSV /PDF etc ) to say generate dynamic group please
 
Thanks
Tim
 
 

Do you have Endpoint v7.3 installed? Next week we're going to release a hotfix v7.3 which will also have some issues with Scheduler fixed so it might be worth to try it then.

Anything new on this one.
I was hit by the same problem.

Automatic updates are ensured via the regular automatic update task in scheduler. You can control how often the task will run. By default it's 60 min. but it's also possible to shorten it to 10 min. if I remember correctly. The "more frequent updates" settings refers to streamed updates that are downloaded every few minutes.

ESMC is a complex mission-critical product and it's important for administrators that it runs reliably all the time. Upgrade should be performed after backing up the database and at the time when administrators can afford to solve possible issues should something go haywire during upgrade. Likewise administrators do not let server systems upgrade automatically and immediately after the OS maker releases updates not addressing critical vulnerabilities.

You can block communication with EPNS IP addresses listed at https://support.eset.com/en/kb332-ports-and-addresses-required-to-use-your-eset-product-with-a-third-party-firewall. (https://support-backup.eset.com/storage/IMAGES/en/6328_KB332/EPNS.txt)

There is a permanent connection held open to a host outside the corporate network from every client for triggering actions on that client. This is something not being tolerated and I really can understand that point of view. This is even more senseless if your clients are on the same network segment as ESMC server. This should be configurable similar to cloud based feature. It seems that customer will choose a different product for this reason.
Cheers.