macros

Members
  • Posts: 78

Posts posted by macros

  1.  

    You basically need two types of certificates:

    • For the peer certificate located in the tbl_certificates table, use the context menu "Save BLOB to file" on the value from column certificate_pfx_blob.
    • For CA certificates, export from table tbl_certification_authorities and save the values from column der_blob, or also pfx_blob in case you also want the private part of the certificate, but the ERA installer won't be able to import such a certificate.

     

    Thank you for the info, MartinK.

  2.  

    1. How to create a task to delete a duplicated computer that was reinstalled with a new endpoint.

     

    There is similar task (Delete not connecting computers) also in ERA 6.

     

     

    2. In Lost and Found there are two statuses for 1 computer. Is it normal?

    First, agent and endpoint installed.

    Second one, unmanaged.

     

    Are you using any kind of computers synchronization (AD, LDAP)?

     

     

    Hello,

    Thank you for the link, Delete not connecting computers.

    Yes, they use AD in the network.

  3. Hello,

    I want to ask 2 questions:

    1. How to create a task to delete a duplicated computer that was reinstalled with a new endpoint.

     

    post-7794-0-71498200-1476152365_thumb.jpg

     

    In ERA 5 it is easy to set: delete computers not connected for the last..

     

     

    2. In Lost and Found there are two statuses for 1 computer. Is it normal?

    First, agent and endpoint installed.

    Second one, unmanaged.

     

    post-7794-0-81411400-1476152782_thumb.jpg

     

    thank you,

  4.  

    Hello,

    I have a question from a client. Can ESET detect LowLevel04 ransomware and protect their PCs from it? I searched virustotal.com but found nothing about this ransomware.

    What is the name of this ransomware in the ESET database?

    Thank you,

    Appears to be a CryptoWall variant. Details here: hxxp://www.bleepingcomputer.com/news/security/help-recover-files-txt-ransomware-installed-by-targeted-terminal-services-attacks/

     

    Also could not find a specific signature by anyone for it which leads me to believe it is covered under existing CryptoWall signatures. 

     

     

    I think this is not a variant; CryptoWall uses the .cr or .ro extension.

    LowLevel04 uses oorr.file-name.original-extension

  5. this is a bug.

     

    Hello, we have identified a bug, where on slower internet connection it might fail, due to hard-coded timeout set to 120 seconds. Meaning, if your internet connectivity is not fast enough to download the agent & endpoint installers in time below 2 minutes (approx 150 MBs in total), it would fail to generate the installers. We are investigating the quickest / safest way how to fix the issue. We will let you know, once decision has been made.

     

     

    https://forum.eset.com/topic/8946-cant-download-package-era64/

     

  6.  

    @ Comunic

    1. Upgrade of ERA agents is generally recommended due to performance optimizations and stability fixes of the new 6.4 version. However, it is safe to use 6.3 agent with 6.4 server as well.
    2. Besides the commands listed above, we are working on a standalone deployment tool that will allow remote push deployment of the package installers. This will be released either together with ERA 6.5 or sooner.
    3. This will be changed to ERA 6.5 (December 2016).

    @Macros

    • It is not possible to create from offline installer files. Your ERA server has to have access to ESET Repository. Please make sure, you have selected the right installers.

     

     

    access to repository is ok,

     

    post-7794-0-33096500-1468984463_thumb.jpg

     

    select right installers.

     

    post-7794-0-80901700-1468984612_thumb.jpg

     

    But still, can't download the installer.

     

    post-7794-0-40749400-1468985578_thumb.jpg

  7. Yes, they have to do it via ERA task. As the Endpoint does not have any seat name, then I really think it was activated using offline license file.  I would also recommend upgrading the Endpoint client, as it is running version 6.1 which is quite old.

     

    I will suggest that they upgrade when ERA version 6.4 is released, along with ERA.

    When the user uploads the offline license, it says: Failed to add license by security admin credential: The provided security admin credential are invalid.

     

    post-7794-0-29529900-1466489061_thumb.jpg

     

    post-7794-0-15785400-1466489108_thumb.jpg

  8. If the computer was activated with an offline license, then in case of a renewal / upgrade, they need to do the following:

    1. Renew the license
    2. Generate a new offline license file, and import it into ESET remote administrator
    3. Activate all of the computers with the new offline file.

    However, on the first screenshot, the license indicates, that 232 out of 250 seats on the license were activated "online", meaning that the license should be updated on the client automatically.

    The second screenshot, with the PLID 33C-4CS-AA7, is not the same license, as they have different expiration dates, and also this one is for 400 seats, instead of 250. Also, it shows the correct validity for 2018, in which case it should not display the error you have posted, as there is a correct expiration date for this seat. So I am a bit confused - is it, or is it not the same instance of the client? Thank you.

     

    Sorry for my mistake with the wrong screenshot.

    Edited with the right screenshot now.

    For step number 3, do they need to do this via an ERA task?

  9. License should get updated automatically. There are a few possible reasons:

    1. you have activated this particular client via an offline license file (I see that you have one generated)

    2. the client is no longer able to communicate with edf.eset.com

    3. there was a problem when syncing our licensing systems (but this seems unlikely as the license in ERA shows the correct date).

    Can you send me the screenshot of your license screen? What is the license expiry date there? Does this happen on all of the computers or just a few (one)? Can you send me the "seatname" as listed in the "about" section of Endpoint Security? We will use it for troubleshooting.

     

    hello,

     

    1. Yes, they said most client computers are activated from an offline license, because it is more efficient than activating via ERA, which fails frequently.

    For this case, should they reactivate with the new offline license?

    Here is the screenshot.

     

    post-7794-0-33811600-1466408452_thumb.png

     

    post-7794-0-49411200-1466408464_thumb.png

     

     

    thank you,

  10. It will be added to ESET Remote Administrator repository during next week. Concerning the bundle installer, it will allow creation of an all-in-one package combining ERA Agent, Endpoint Antivirus / Security, initial configuration for both, license, and it will also be possible to configure the target group where the installer will be placed. Please note that this functionality will be available for Windows Endpoints only. ESET Remote Administrator 6.4 is planned to be released on July 12.

    Well, it's just a good move.

    Simplicity of deployment (combining ERA Agent, Endpoint Antivirus / Security, initial configuration for both, license) from version 5 is now in version 6. :D

     

    thank you.

  11. hello,

     

    The user said another vendor has touched the server and they don't know what the vendor did with the server; since then ERA cannot be accessed.

    2 days ago, we did a clean reinstall of the ERA server with MySQL 5.6. Everything looked OK until today, when they said ERA cannot be accessed.

    The login page says: connection time-out.

     

    ERAS service: running

    Tomcat service: running

    Mysql service: running

    Windows firewall: off

     

    Restarted the whole system, nothing changed. The problem persists.

    Here is the last error.log

     

    Last error log

    Go to last error
    Scope    Time    Text
    Kernel    2016-Jun-08 06:17:53    Starting module CSNMPTrapSenderModule
    CSNMPTrapSenderModule    2016-Jun-08 06:17:53    Starting module
    CSNMPTrapSenderModule    2016-Jun-08 06:17:53    Started module
    Kernel    2016-Jun-08 06:17:53    Started module CSNMPTrapSenderModule (used 0 KB)
    Kernel    2016-Jun-08 06:17:53    Starting module CSyslogSenderModule
    Kernel    2016-Jun-08 06:17:53    Started module CSyslogSenderModule (used 0 KB)
    Kernel    2016-Jun-08 06:17:53    Starting module CReportPrinterModule
    Kernel    2016-Jun-08 06:17:53    Started module CReportPrinterModule (used 120 KB)
    Kernel    2016-Jun-08 06:17:53    Starting module LicenseModule
    Kernel    2016-Jun-08 06:17:53    Started module LicenseModule (used 24 KB)
    Kernel    2016-Jun-08 06:17:53    Starting module CMonitorModule
    SchedulerModule    2016-Jun-08 06:17:53    Received message: RegisterTimeEvent
    CEmailSenderModule    2016-Jun-08 06:17:53    Starting worker thread 1780
    Kernel    2016-Jun-08 06:17:53    Started module CMonitorModule (used 488 KB)
    Kernel    2016-Jun-08 06:17:53    Starting module CRepositoryModule
    SchedulerModule    2016-Jun-08 06:17:53    Received message: RegisterTimeEvent
    CRepositoryModule    2016-Jun-08 06:17:53    Processing repository synchronization request
    Kernel    2016-Jun-08 06:17:53    Started module CRepositoryModule (used 28 KB)
    Kernel    2016-Jun-08 06:17:53    Starting module CLogExportModule
    Kernel    2016-Jun-08 06:17:53    Started module CLogExportModule (used 12 KB)
    Kernel    2016-Jun-08 06:17:53    Starting module CPoliciesModule
    Kernel    2016-Jun-08 06:17:53    Started module CPoliciesModule (used 0 KB)
    Kernel    2016-Jun-08 06:17:53    Starting module CUsersModule
    Kernel    2016-Jun-08 06:17:53    Started module CUsersModule (used 0 KB)
    Kernel    2016-Jun-08 06:17:53    Starting module ConsoleApiModule
    CRepositoryModule    2016-Jun-08 06:17:53    Synchronizing with remote repository
    CRepositoryModule    2016-Jun-08 06:17:53    Synchronizing repository with url 'hxxp://repository.eset.com/v1/'
    SchedulerModule    2016-Jun-08 06:17:53    Received message: RegisterTimeEvent
    ConsoleApiModule    2016-Jun-08 06:17:53    0 MessageProcessorThread started: 5a0
    Kernel    2016-Jun-08 06:17:53    Started module ConsoleApiModule (used 92 KB)
    Kernel    2016-Jun-08 06:17:53    Used memory after modules start-up is 55596 KB
    Service    2016-Jun-08 06:17:53    Kernel started
    CDataMinersModule    2016-Jun-08 06:17:53    CFunctionalityLogDataMiner: Scheduled first publishing of funcitonality logs with 5s delay
    SchedulerModule    2016-Jun-08 06:17:53    Received message: RegisterSleepEvent
    AutomationModule    2016-Jun-08 06:17:53    NotificationTaskHandler: There are 1782 known localizable symbol names.
    AutomationModule    2016-Jun-08 06:17:53    StaticObjectChangeHandler: ScheduleCheck: Next static object changes check in 15 seconds.
    SchedulerModule    2016-Jun-08 06:17:53    Received message: RegisterSleepEvent
    SchedulerModule    2016-Jun-08 06:17:53    Received message: RegisterSleepEvent
    AutomationModule    2016-Jun-08 06:17:53    CActionsFacade: LoadAllTriggersWithMessage: Failed to load all triggers. Automation will not operate correctly!
    CDataMinersModule    2016-Jun-08 06:17:53    DataMinerCompletionHandler: Failed to execute completion handler with: The associated promise has been destructed prior to the associated state becoming ready.

    Generated at 2016-Jun-08 06:17:53 (2016-Jun-08 14:17:53 local time)

     

    trace.log in attachment

     

    and thank you for help.

    trace.log

  12. hello,

     

    When my client opens the ESET Remote Administrator console, it says "ERR_CONNECTION_REFUSED".

    Checked the Tomcat service: started.

    Restarted the server: doesn't solve the problem.

    Here is the last error log.

    Last error log

    Go to last error
    Scope    Time    Text
    CReportsModule    2016-Jun-02 07:09:53    CleanupThread ending: 177c
    Kernel    2016-Jun-02 07:09:53    Stopping module: CReplicationModule
    CReplicationModule    2016-Jun-02 07:09:53    CReplicationModuleBase: Stopping module
    CReplicationModule    2016-Jun-02 07:09:53    CReplicationManager: Stopping replication control messages processing
    CReplicationModule    2016-Jun-02 07:09:53    CStepProcessor: Stopping
    CReplicationModule    2016-Jun-02 07:09:53    CStepProcessor: Stopping work queue operations
    CReplicationModule    2016-Jun-02 07:09:53    CStepProcessor: Worker thread f6c stopped
    CReplicationModule    2016-Jun-02 07:09:53    CStepProcessor: Worker thread 1484 stopped
    CReplicationModule    2016-Jun-02 07:09:53    CStepProcessor: Worker thread f90 stopped
    CReplicationModule    2016-Jun-02 07:09:53    CStepProcessor: Worker thread 175c stopped
    CReplicationModule    2016-Jun-02 07:09:53    CStepProcessor: Worker thread 1754 stopped
    CReplicationModule    2016-Jun-02 07:09:53    CStepProcessor: Worker thread 1758 stopped
    CReplicationModule    2016-Jun-02 07:09:53    CStepProcessor: Worker thread 16fc stopped
    CReplicationModule    2016-Jun-02 07:09:53    CStepProcessor: Worker thread 360 stopped
    CReplicationModule    2016-Jun-02 07:09:53    CReplicationModuleBase: Starting module
    CReplicationModule    2016-Jun-02 07:09:53    CStepProcessor: Starting
    CReplicationModule    2016-Jun-02 07:09:53    CStepProcessor: Creating 8 worker threads
    CReplicationModule    2016-Jun-02 07:09:53    CReplicationManager: Starting replication control messages processing
    Kernel    2016-Jun-02 07:09:53    Stop was not possible: CReplicationModule
    Kernel    2016-Jun-02 07:09:53    Checking system bus content.
    CReplicationModule    2016-Jun-02 07:09:53    CStepProcessor: Starting worker thread 1ac4
    CReplicationModule    2016-Jun-02 07:09:53    CStepProcessor: Starting worker thread c9c
    CReplicationModule    2016-Jun-02 07:09:53    CStepProcessor: Starting worker thread c98
    CReplicationModule    2016-Jun-02 07:09:53    CStepProcessor: Starting worker thread 1adc
    CReplicationModule    2016-Jun-02 07:09:53    CStepProcessor: Starting worker thread ca0
    CReplicationModule    2016-Jun-02 07:09:53    CStepProcessor: Starting worker thread c94
    CReplicationModule    2016-Jun-02 07:09:53    CStepProcessor: Starting worker thread d04
    CReplicationModule    2016-Jun-02 07:09:53    CStepProcessor: Starting worker thread 1bf8
    Kernel    2016-Jun-02 07:09:53    Restarting module: CReportsModule
    CReportsModule    2016-Jun-02 07:09:53    CReportGenerator::Init() Looaded 151 Query usage definition.
    CReportsModule    2016-Jun-02 07:09:53    0 MessageProcessorThread started: 19b8
    CReportsModule    2016-Jun-02 07:09:53    1 MessageProcessorThread started: cb4
    CReportsModule    2016-Jun-02 07:09:53    2 MessageProcessorThread started: c74
    CReportsModule    2016-Jun-02 07:09:53    3 MessageProcessorThread started: 1990
    CReportsModule    2016-Jun-02 07:09:53    CleanupThread started: 183c
    CDatabaseModule    2016-Jun-02 07:09:56    Database connection down. Exception:[Microsoft][ODBC SQL Server Driver]

    Login failed for user 'era_user'. (18456)
    CDatabaseModule    2016-Jun-02 07:09:56    Sending DatabaseStatusUpdate: isDbRunning=0
    CDatabaseModule    2016-Jun-02 07:09:56    Database connection down. Exception:[Microsoft][ODBC SQL Server Driver][sql Server]Login failed for user 'era_user'. (18456)
    CDataMinersModule    2016-Jun-02 07:09:56    CDefaultWriteLogHandler: Failed to write log of type AUDIT_EVENT with error: [Microsoft][ODBC SQL Server Driver][sql Server]Login failed for user 'era_user'. (18456)
    Kernel    2016-Jun-02 07:09:56    Restarting module 'CReportsModule' failed with: [Microsoft][ODBC SQL Server Driver][sql Server]Login failed for user 'era_user'. (18456)

    Generated at 2016-Jun-02 07:09:56 (2016-Jun-02 15:09:56 local time)

     

     

    and trace.log in attachment.

     

    How can this problem be solved?

     

    thank you.

    trace.log
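
A triage sketch for "last error log" dumps like the two quoted in the posts above, added here as an example and not part of the original posts or of ESET's tooling: it parses the Scope / Time / Text layout, joins wrapped lines back onto their entry, and surfaces failure entries and SQL Server login failures (error 18456). The sample is constructed from lines in those logs; the function names and the failure keyword list are assumptions.

```python
import re
from collections import Counter

# Constructed sample: a few lines copied from the two logs quoted above,
# including the entry whose "Login failed" text wrapped onto its own line.
SAMPLE = """\
Kernel    2016-Jun-02 07:09:53    Restarting module: CReportsModule
CReportsModule    2016-Jun-02 07:09:53    CleanupThread started: 183c
CDatabaseModule    2016-Jun-02 07:09:56    Database connection down. Exception:[Microsoft][ODBC SQL Server Driver]

Login failed for user 'era_user'. (18456)
CDatabaseModule    2016-Jun-02 07:09:56    Sending DatabaseStatusUpdate: isDbRunning=0
Kernel    2016-Jun-02 07:09:56    Restarting module 'CReportsModule' failed with: [Microsoft][ODBC SQL Server Driver][sql Server]Login failed for user 'era_user'. (18456)
AutomationModule    2016-Jun-08 06:17:53    CActionsFacade: LoadAllTriggersWithMessage: Failed to load all triggers. Automation will not operate correctly!
"""

ENTRY = re.compile(r"^(\S+)\s+(\d{4}-[A-Za-z]{3}-\d{2} \d{2}:\d{2}:\d{2})\s+(.*)$")
LOGIN_FAILED = re.compile(r"Login failed for user '([^']+)'\. \((\d+)\)")
# Assumed failure markers, chosen from the wording seen in these logs.
FAILURE = re.compile(r"\bfailed\b|connection down|isDbRunning=0|not possible", re.I)

def parse(text):
    """Return [scope, time, text] entries; a line without a timestamp
    is treated as a continuation of the previous entry."""
    entries = []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        m = ENTRY.match(line)
        if m:
            entries.append(list(m.groups()))
        elif entries:
            entries[-1][2] += " " + line
    return entries

def triage(text):
    """Summarise failure entries and database login failures per account."""
    entries = parse(text)
    failures = [e for e in entries if FAILURE.search(e[2])]
    logins = Counter()
    for _scope, _time, msg in failures:
        for user, code in LOGIN_FAILED.findall(msg):
            logins[(user, int(code))] += 1
    return {"entries": len(entries),
            "failures": failures,
            "failing_scopes": Counter(e[0] for e in failures),
            "db_login_failures": dict(logins)}
```

Calling `triage(SAMPLE)` groups the repeated `era_user` login failures under one key, which makes a rejected database service account stand out from the surrounding module start/stop noise.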

  13.  

    Hello, can anyone help with how to create a template for a report in this case?

     

    thank you.

     

    It depends on what exactly you want it to report. I would suggest you to look at existing reports and possibly clone them & edit to your needs. You will have to use data from section "Installed software".

     

     

    Hi MartinK,

     

    I want to see the list of "installed software" in a table view. Could you please assist me with how to create it?

     

    thank you.
