Jump to content

Kupierbelt

Members
  • Posts

    12
  • Joined

  • Last visited

Posts posted by Kupierbelt

  1. Hello Team,

     

    We have ERA 5.2.22 SERVER version and all the clients are having ESET Security 4.0.10.  All clients are "Linux" servers.

     

    We are scheduling the weekly scans and getting the logs which has the information as below;

     

    Total number of items scanned: xxxxxxx (the number varies depends on the client)

     

    There are handful of files/mount points which are with the following error message as

    [4] error opening -- This means that the files may be in use by another process/application and that is fine for us

     

    Now, we need to generate the scan report with the below tabs; (This is just an example to show what we are expecting from the report)

     

    Computer Name, Scanned paths (paths like /etc, /home like), Scanned items (total numbers of items), infected, cleaned, status etc.,

     

    I tried creating a custom report from the ERA Console, but it is just empty template with no data on it.

     

    We reached out to the ESET support and they told us that there is only way to get all detailed log information is to enable "Summall" settings in the logging configuration.  This will create "HUGE" log files on the clients and the clients won't report back to the ERA console due to the larger log file size.  We faced this issue before and at that time ESET support had us to disable "Summall" settings.

     

    Now, the ESET report is not sure on how to get this kind of report for Linux clients.

     

    My Question:  Is there anybody here ever faced this type of need/issue with scan reporting?  If so, could you please share what you did to get the detailed report.

     

    Thanks in advance.

  2. Hello Team,

    We are running the scheduled scans for almost 50+ servers. Only 10 servers are reporting back to the ERA console and visible in the \"Scan Log\" tab. We are not able to see the remaining clients reporting to the scan log.

    All the clients are Linux servers and running with ESET Security 4.0.10.0

    The ERA server version is 5.2.22

    Kindly let me know what all should I need to check on the client side or in the ERA console.

     

    Also, please let me know if any more information is needed to check why some clients are not reporting back with Scan Logs.

     

    All the clients are connected to the ERA console and receiving updates from the ERA server without any issues.  But it is just the "Scan log" is not visible.

     

    Thank You
     

  3. Hello MichaelA and Marcos,  I apologize for the delay in my reply.  I was OoO and just came back.

     

    @ MichaelA,

     

    I did check the two things as you mentioned, I confirm that the ports 2221-2223 is configured with the firewall exceptions.  I also confirm that the clients are configured with correct ERA server and port information on them.

     

    @ Marcos,

     

    This is not resolved.  The status as follows;

     

     

    **********************************************************

    The clients which are showing up in the console of the new ERA server are having the following log;

     

    [2015-02-09 19:33:10.346] V5 [54d97bf6afa5] [00000cb0] <SESSION_INFO> Kernel connection from xxx.xx.x.xx:33496 closed (code 0, took 141ms, name 'machine_name', mac 'XX-XX-XX-XX-XX-XX', product 'ESET Endpoint Antivirus', product version '05.00000.02237', virus signature db version '11150 (20150209)')

     

    The clients which are not showin up in the console but are connecting to the new ERA server has the following log;

     

    [2015-02-09 19:33:14.960] V5 [54d97bfaafa6] [00000cb0] <SESSION_INFO> Kernel connection from xxx.xx.xx.xxx:44754 closed (code 0, took 156ms, name 'machine_name', mac 'XX-XX-XX-XX-XX-XX', product '', product version '', virus signature db version '')

    **********************************************************

     

    From the above logs, the clients which are showing up in the console displays the product information in the log but the clients which are not showing up in the console are not displaying any product information.

     

    I have verified that the clients are configured with the correct ERA server and port number information on them.  But not sure what is blocking them in appearing in the console or what is blocking the server from fetching the client information.

     

    This is the reason that we went to upgrade the clients from 4.x to 5.x and see if they are connecting and I have succeeded on that.  I had few issues on this that it requires me to first uninstall the 4.x client and then do a fresh installation of 5.x version.  I am performing this action from the ERA Remote Install.  Now, I am looking for a script that helps me to perform this activity on the enterprise level to automate the task.

     

    Thank You.

  4. Hello Team,

     

    I recently had to migrate aroud 200+ clients from ERA 4.x to ERA 5.x.

     

    I followed the KB articles in ESET to create a configuration task and configured the task with Primary Server and Update Server information.  Applied the tasks to the clients.

     

    Now, the clients are showing up in the new ERA server logs as follows;

     

    [2015-01-28 18:00:29.681] V5 [54c9943d1535] [00000a28] <SESSION_INFO> Kernel connection from xxx.xx.x.xx:9980 accepted
    [2015-01-28 18:00:29.681] V5 [54c9943d1535] [00000a28] <SESSION_INFO> Kernel connection from xxx.xx.x.xx:9980 closed (code 0, took 0ms, name 'Machine_Name', mac 'XX-XX-XX-XX-XX-XX', product '', product version '', virus signature db version '')
     
    But they are not showing up in the console. 
     
    Could anyone faced this same issue before and help me out to get the clients on the console.
     
    If more information is needed please do let me know and I will update.
     
    Thank You.
  5. Hello Arakasi,

     

    Yes, I am referring to the policy.  I am sorry if I expressed the terms incorrectly.

     

    My scenario, I am already having a policy (mainly windows centric) which is in 4.x version and applied to 100+ clients.  Now, I want to make a new policy for Macs.

     

    My Question is : Will I be able to clone the existing windows centric policy and then make changes according to the MAC and apply exclusively for MACs, or Should I create a new policy for MAC from the scratch.

     

    Thank You

  6. Hello Arakasi/Marcos/Team,

     

    Now, I have a question on the ESET profile:  In the existing 4.x version I have a live profile for the clients but that is Windows based.  Now, I need to create a profile for Mac Computers.  

    Could you please help me on how can I create a new profile based on the current (windows based) or should I create it afresh from the scratch for the Mac?

     

    Many thanks in advance.

     

    Thank You

  7. Hello Arakasi,

     

    Thank you very much for the reply and explanation.  Yours and Marcos's reply are very useful to me.

     

    I will go ahead and setup a new server and install latest ERA on that and will go ahead with Export/Import of the policies/settings as you mentioned.

     

    Thank You

     

    Note to Moderators/Admins:  I will keep this thread open for one more day to post any issues/queries in case if I face any while policy migration or any other issues at the time of migration from 4.x to 5.x.  Then I will mark this thread as "Solved".  Thank You.

  8. Hello Marcos,

    Thanks for the reply and suggestion on the version upgrade.

     

    It brings me two other questions :)

     

    If I plan to install ERA version 5.x on a new server as a fresh clean install, is it possible for me to get the policies/settings from the old server 4.x???

     

    If this is the case then how can I point the clients to the new server?  Do I need to go individual clients and configure the primary server manually or is there a way to do it from the ERA console itself?

     

    Thank You

  9. Hello,

     

    I am very new to the ESET management and deployment.  

     

    I have two questions with respect to the ERA Server.

     

    Question 1: 

     

    I have deployed two ERA servers in two locations (geographically two locations) and configured Replication between them.  I have designated one server as Primary and other one as Member.  Now, I am able to see both the ERA servers from the Primary Server console and clients of both ERA servers in the Primary Server as well.  This is fine till this point.

     

    Now actually my question : If my users are travelling from one location from another location will the ESET Nod 32 Antivirus client installed on their laptops choose the Primary server automatically based on the location or they will be configured with one Primary server as fixed irrespective of the location?

     

     

    Question 2:

     

    I have a old ERA server in a different environment running on 4.x.  It has almost 100+ clients having ESET NOD 32 Anti Virus Business Edition running on them.

     

    Now I need to upgrade this ERA server to 5.x.  Will it impact the existing clients?  I came across the forum for this question stating that when I upgrade all the client connections will be terminated.  Also, I need to migrate the policy from 4.x to 5.x.  But would like to get some more inputs on this like is there any tool from ESET that will do all the migration at the time or after the Version upgrade etc.,

     

    Any help would be highly appreciated.

     

    Many thanks in advance.

×
×
  • Create New...