Jump to content

michalp

ESET Staff
  • Posts

    87
  • Joined

  • Last visited

  • Days Won

    1

Everything posted by michalp

  1. You have put DSN into driver name parameter: --db-driver myodbc_mysql_dsn . Change it to: --db-driver myodbc_mysql
  2. As the report and its report template were not existing on the server, log filter did not send those logs to server to save traffic. Just wait some time after you saved the report until agents are informed about changes in log filter. Report preview shows just random data.
  3. The appliance configuration is done only once after first reboot. It can't be reconfigured afterwards. These are supported locales: ar-EG, cs-CZ, de-DE, en-US, es-CL, es-ES, fr-CA, fr-FR, hr-HR, it-IT, ja-JP, ko-KR, pl-PL, pt-BR, ru-RU, sk-SK, zh-CN, zh-TW
  4. The problem is that you are grouping data (Group by) and those time and dates need to be merged. Either change TIME INTERVAL UNIT (click those arrows next to the symbol) or change the report - remove group by operation from columns.
  5. The agent does the OS check independently from EES. By default they both check for OS updates. By setting policy for agent, you will only disable checking on the agent but EES will still do the checks.
  6. When you temporarily disable HTTP proxy (e.g. port 3128 is not accessible or you completely stop the service) does it help? I suspect that something is connecting through HTTP proxy on the appliance and that is causing this bursts. HTTPS communication is not cached so it goes always through proxy.
  7. You will need to create a new report from 'Logged users' symbols category and add 'Computer name' symbol from 'Computer' symbols category.
  8. OS up to date check is resource consuming as it needs to contact Windows Update servers and ask for new updates. That is why it is not done on every agent connection to server, but on Windows it is done each 18 hours or 10 minutes after agent startup. There are two possibilities to change this behaviour: 1. Suppress this check by policy on computers where do you have EES installed. Endpoint will take over OS update checks. 2. Run OS update task from ERA. This task will update OS and run re-check afterwards.
  9. I see, did you unmount VMWare Tools ISO after installation and then finished installation in the virtual machine menu: VM -> Guest -> End VMware Tools installation? I had to do that and restart.
  10. In ERA6, Agents are identified by unique identifier (UUID) generated during installation (manual, server assisted, live installer) or during push install (generated on Server prior to installation). MAC address is not longer used. In your case it is possible that there is bug - Are you sure that those duplicated records, you can see in the console, are indentical? When you rename one of those computers, are both computers renamed?
  11. The only difference should be a check for error codes after installation completes or fails. Are you able to access agent's trace log on machine that is failing? And if possible also c:\windows\temp\era-updater-msiexec.log. There was issue earlier that did not handle required reboot and we would like to check if this is the case.
  12. Is the appliance configured as HTTP proxy and are you using it by client machines?
  13. Please see ERA Agent trace log and c:\windows\temp\era-updater-msiexec.log and c:\windows\temp\ra-upgrade-infrastructure.log to see what is failing.
  14. Please check virtual machine properties -> Options tab -> vApp Options is set to Enable, then OVF Settings, section OVF Environment Transport, ISO Image is also checked. Save settings and restart machine.
  15. Web control report is not created by default. You will need to create it manually - new report template and add columns from 'Web control' category.
  16. The certificate selection is up to you. Probably the first one uses password to protect private key and the second one uses empty one (requirement for server assisted install). Push install requires internet connection. There isn't any workaround for this.
  17. At this moment the only option would be to rename the computer manually. In ERA 6.2 there will be a server task and GUI wizard to that for you.
  18. '--cert-path' parameter is not pointing to a certificate file. Check if that path is correct.
  19. Same guide is for appliance (hxxp://help.eset.com/test/era/6/en-US/index.html?component_upgrade.htm). Version 6.1.33 is same as 6.1.28 except new installers.
  20. I think there is problem with certificates as appliance creates new certification authority. The fallback mechanism in Agent will try to connect to new server and then connect back to the old one. The KB article expects that server installation is same (same DB or same machine) but its IP address has changed. In your case, you can repair server installation in appliance with certificates from your Windows installation. Navigate to /root/eset_installers and run Server installer with certificates (CA and Server peer certificate) that you transferred to appliance (e.g. WinSCP).
  21. Check /etc/hosts and /etc/krb5.conf files whether they are correctly configured and that 'kinit <username>' works. Also error from server trace log (/var/log/eset/RemoteAdministrator/Server/trace.log) would be helpful.
  22. From the RDSensor detection log that chris375 posted, it seems that OS detection probes are not returning. If OS can not be detected for a network device, then it won't be sent to ERA as a computer. Idea was that network devices (printers, routers) should be filtered out. RDSensor was compiled with libpcap version 1.3.0, please verify that you have this version installed on your system. Second requirement is bridged network from virtual machine where RDSensor is installed. If all those requirements are met, you can try to run nmap with OS detection (hxxp://nmap.org/book/osdetect-usage.html) to see whether it can detect OS on some computer. If not then RDSensor will no be able to that too.
×
×
  • Create New...