Jump to content

zhopkins

Members
  • Content Count

    17
  • Joined

  • Last visited

  • Days Won

    2

zhopkins last won the day on July 28 2016

zhopkins had the most liked content!

Profile Information

  • Gender
    Male
  • Location
    USA

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. Marcos, the clients in question are all servers. They are online 24/7 and check-in every few minutes to ESMC.
  2. Martin, We restarted the ESMC server late last night, in hopes it would help the task to run at its scheduled time this morning. That did not help. However, restarting the client machines that were supposed to run the task, did help. Once restarted, the client machines immediately began to run the task. I also verified that the task UUID shows up in the trace log, and sure enough, it was right there on every single one (showing "generate a tick for a missed event", timer registration for the next occurrence, and the actual task execution). Your note about this being more likely to happen as time progresses also seems evident in our environment - roughly a third of the machines missed the task on the first run, followed by half on the next run, and closer to 2/3 on the subsequent runs. Thanks for posting, we'll be on the lookout for the next release!
  3. Even when changed from a CRON expression to just a weekly event, the clients are still not running this weekly task. I can manually select any client, and add the task with an "As soon as possible" trigger, and the client will begin execution immediately, so the overall task is fine, its just that the reoccurring task simply doesn't run on a random portion of the assigned clients. If anyone has any suggestions at all, it would be much appreciated!
  4. MichalJ's suggestion worked for us. We marked all of the related firewall alerts as resolved, and then modified our server policy to have the Log, Block, and Notify options set to "No", and it has been quiet ever since. B-G, just to confirm - if you open the File Security client on one of your machines and check its setup, I assume that you can see your desired IDS configuration there, with all of the options set to No? (Just making sure that it received the corrected policy)
  5. Yes, we're seeing this behavior too. After setting the first batch of alerts in ESMC, I found this post. I then added the policy exception (any alert, with a specific remote address, all other options at default), and marked the old threats as resolved. 24 hours and another Nessus scan later, and the alerts are back.
  6. We've setup a client task to install OS updates on a weekly basis to a select group of servers, but for several clients this task still shows as planned, never executed. We've gone through two weeks now, and the task still hasn't executed, with seemingly no explanation as to why. The client task runs the "Operating System Update" task. "Automatically accept EULA" is checked, "Install optional updates" is un-checked, and "Allow reboot" is checked. The trigger is applied to 25 individual clients, with a CRON schedule, "0 0 3 ? * FRI *" (Every Friday at 3am), no random delay, "Invoke ASAP If Event Missed" and "Use Local Time" are both checked. The trigger shows "Planned - Yes" for all 25 clients. The trigger shows "Last Status - Finished", along with a Last Progress Time and "Progress - Task finished successfully" for 17 of the clients. The remaining 8 clients have these 3 fields blank. All of the clients are checking in with the server at 5-minute intervals. The status.html files on the clients are all green. All of the clients are Windows 2008R2/2012R2, with Management Agent version 7.0.553.0. The server version is 7.0.553.0. All of the clients had at least 5 updates available and ready for install when the task was created. The agent trace logs appear unremarkable. Our timezone is US/Eastern, UTC-0400. The trace log from a client not executing the task is devoid of useful information (I checked at least 3 of them, and they only show the one line from today). I also checked a client that ran the task successfully last week, but had no further updates to install this week. This client's trace log for today looked identical to the client that isn't running the task. 2018-09-28 12:03:51 Warning: CEssConnectorModule [Thread 178c]: Set policy request to product was successfull The trace log from a client that did execute the task this morning, and successfully installed updates, looks to be chock full of details (file attached). If anyone has any thoughts or suggestions as to why some clients aren't running the tasks as requested, they would be much appreciated. Thank you! eset-tracelog_clientwithupdates.txt
  7. Has anyone else seen this warning message from Google Chrome? The message could be closed by typing in a different web address or re-launching the browser. The machine in question is running Windows 10 Education (1703), Eset Endpoint Antivirus 6.6.2072.4, and Chrome 67.0.3396.87. We're still testing Windows 10 build 1803, which won't go out for another month or so. We're also testing Eset 6.6.2078.5, which should be pushed out within 2 weeks, but I'd like to make sure that we're not about to get bombarded with a headache. Thanks!
×