StooIT
Members-
Posts
23 -
Joined
-
Last visited
-
These events are logged in the ESET endpoint products under Log Files/Events (ESET Kernel) I find it surprising that these events are not centrally logged on the Protect server for reporting. An example of which (from a workstation) is attached. Seeing as PCI DSS requires logging and reporting of these updates, I guess we'll have to rethink our endpoint security provider.
-
Hi all, I'm finding the reporting in ESET Protect a little bit stunted, and wondering if it's me or the product that's at fault here. We want to generate a "Antivirus Definitions Updated" report on an ad-hoc basis that would be filterable by "Computer Name" and "Data of Occurrence", and the report show the time/date stamp, detection engine database version and database date. I can create such a report, but it only gives me the current database version/date, not the database versions updated throughout the day and the date/time they where updated. For example (data added here is made up) we want to see: Computer001, 28540P, January 9th 2024 14:00 Computer001, 28539P, January 9th 2024 12:20 Computer001, 28538P, January 9th 2024 11:10 Computer001, 28526P, January 8th 2024 17:00 Currently, my report will only give me 1 line, which would be the last time the machine updated it's database, even though it may have updated multiple times in a day. Example: Computer001, 28540P, January 9th 2024 14:00 It seems a huge oversight to not be able to report on historical data like this, so guessing it's down to me setting up the report wrong? Can anyone help with this, as our PCI DSS accessor needs to see each occurrence of the definition files being updated in a day, not just that it is up to date. Many thanks in advance.
-
Trooper reacted to a post in a topic: EES 11.0.2032.0 issue with Outlook web add-ins
-
EES 11.0.2032.0 issue with Outlook web add-ins
StooIT replied to mrac's topic in ESET Endpoint Products
If you don't want to go on the pre-release channel, you could temporarily disable the "Enable advanced scanning of browser scripts" in a policy, and apply it only to the machines that need the fix. -
Trooper reacted to a post in a topic: EES 11.0.2032.0 issue with Outlook web add-ins
-
EES 11.0.2032.0 issue with Outlook web add-ins
StooIT replied to mrac's topic in ESET Endpoint Products
Same here, running 1334 and IE Mode no longer crashing with our legacy web app. Hopefully 1334 will go live soon, as I don't really want to put everyone in to a pre-release channel -
StooIT reacted to a post in a topic: EES 11.0.2032.0 issue with Outlook web add-ins
-
StooIT reacted to a post in a topic: EES 11.0.2032.0 issue with Outlook web add-ins
-
StooIT reacted to a post in a topic: EES 11.0.2032.0 issue with Outlook web add-ins
-
EES 11.0.2032.0 issue with Outlook web add-ins
StooIT replied to mrac's topic in ESET Endpoint Products
Spot on mrac, thanks for that, that's saved having to reinstall version 10. Will wait for the secure browser module to be updated before I turn it back on. -
EES 11.0.2032.0 issue with Outlook web add-ins
StooIT replied to mrac's topic in ESET Endpoint Products
Thanks Marcos, we'll downgrade to v10 on some selected PC's to get them up and running again. -
EES 11.0.2032.0 issue with Outlook web add-ins
StooIT replied to mrac's topic in ESET Endpoint Products
Not to hijack, but we're running v11.0.2032.0 and currently trying to track down an issue with Edge in IE Mode (to run a legacy web application), when one particular page loads the tab crashes and the Internet Explorer process gets chopped. The only way around it at the moment is to uninstall ESET, which is not a desired fix. Is there anything in the ESET policies that can be turned on/off to overcome the issue? Many thanks! -
OLLGD reacted to a post in a topic: Version 9.0.12012.0 - Windows updates required no longer reports to Protect Server
-
StooIT reacted to a post in a topic: Execute powershell scripts via ESET Protect
-
StooIT reacted to a post in a topic: ESET Endpoint Shutting Down After Scheduled Scan with 9.1.2051.0
-
ESET Endpoint Shutting Down After Scheduled Scan with 9.1.2051.0
StooIT replied to GDI's topic in ESET Endpoint Products
Great news, thanks Marcos -
StooIT reacted to a post in a topic: ESET Endpoint Shutting Down After Scheduled Scan with 9.1.2051.0
-
StooIT reacted to a post in a topic: ESET Endpoint Shutting Down After Scheduled Scan with 9.1.2051.0
-
ESET Endpoint Shutting Down After Scheduled Scan with 9.1.2051.0
StooIT replied to GDI's topic in ESET Endpoint Products
Thanks Marcos, I'll send the files via email to my open ticket. I'll wait for them to get back to me. -
StooIT reacted to a post in a topic: Scheduled scan shutdown problem rears it's head again
-
Peter Randziak reacted to a post in a topic: ESET Endpoint Shutting Down After Scheduled Scan with 9.1.2051.0
-
ESET Endpoint Shutting Down After Scheduled Scan with 9.1.2051.0
StooIT replied to GDI's topic in ESET Endpoint Products
I've already raised the "Failed to copy files" under ticket 00388505, so will wait to hear back from that. 👍 -
Just to add to this one. Updated 8 clients to 2051 - these all now error with "failed to copy file" when attempting to do module updates. On 1 of the clients, I removed ESET (using the removal tool) and reinstalled 2051, this fails to start ESET with "Product setup failed", and also cannot do module updates. It's stuck waiting to perform it's first scan, as the module update cannot complete. In the network where these 8 clients were updated to 2051, the remaining clients on 2046 started to shutdown after the scheduled scan finished (scan set to start at 10:30am, shutdowns started shortly after this time). The scan policies on all clients are set to "no action" and shouldn't shutdown. I can only suspect that by updating some clients to 2051 has also made changes to the underlying policies on Protect Server, and now ignore the "do nothing" option in the scheduled scan, and forces a shutdown and older client versions as well. I've raised a ticket (00388505) in the hope both the modules not updating with "Failed to copy file" and the shutting down after scheduled scans can be investigated/fixed asap. I've had to disable all scheduled scans in the domain (across two Protect Servers) as a precaution.
-
StooIT reacted to a post in a topic: latest endpoint security reboots itself after update...again!!
-
StooIT reacted to a post in a topic: latest endpoint security reboots itself after update...again!!
-
ESET Endpoint Shutting Down After Scheduled Scan with 9.1.2051.0
StooIT replied to GDI's topic in ESET Endpoint Products
Thanks for taking the time to post. Is this to resolve clients shutting down after scheduled scan, or would this also resolve the "failed to copy file" I'm seeing when modules are trying to update? -
Having the same issue on 9.0.2046 clients but only those connected to the ESET Protect Server (we run two different ESET Protect Servers) that's rolled out 9.1.2051 to some clients (and those updated clients are now broken, and now cannot update. 9.0.2046 clients are shutting down after the scheduled scan finishes, and the policies are set to "Do nothing" after a scan.
-
ESET Endpoint Shutting Down After Scheduled Scan with 9.1.2051.0
StooIT replied to GDI's topic in ESET Endpoint Products
We've updated a handful of Windows 10 machines with 9.1.2051 and it's been reported that users are being rebooted, but some of them are still on 9.0.2046 so I'm rather confused. All the 9.1.2051 clients are in an error state saying they can't update "Failed to copy file" and reinstalling one of them says "Protection setup failed". Looks like my day is now ruined lol Raising a ticket, and hope someone in ESET can sort this one out. -
FRiC reacted to a post in a topic: Version 9.0.12012.0 - Windows updates required no longer reports to Protect Server
-
As there's been zero response to this thread from ESET directly, I raised a ticket to report this as a bug. For others out there wondering why this isn't working anymore, here's the official response from ESET. If you want to see this functionality returned, please raise a ticket asking for it to be fixed. If more customers report this, the better the chance of it being sorted out. If customers don't want this functionality, they can disable update warnings in the Management Agent policy.