Maxim. 2 Posted January 3, 2018 Share Posted January 3, 2018 One of pc with recently installed Endpoint has a warning " Detection Engine out of date ", when I tried to run updates via console or manually it says "Server not found". In the meantime, I can see that ERA agent is online and internet works fine. In events log, I can see that updates were ok, but since today's morning, there is error. In diagnostics menu I turned on Update engine advanced logging, it created file "updater_DATE.etl". How can I process this log? When I trying to open it with notepad most of it unreadable. Link to comment Share on other sites More sharing options...
Administrators Marcos 5,286 Posted January 3, 2018 Administrators Share Posted January 3, 2018 Please post the etl log here and I will check it out. It can be read only be ESET staff since symbols are required in order to open it in a readable form. Link to comment Share on other sites More sharing options...
Maxim. 2 Posted January 4, 2018 Author Share Posted January 4, 2018 19 hours ago, Marcos said: Please post the etl log here and I will check it out. It can be read only be ESET staff since symbols are required in order to open it in a readable form. I've sent logs to you in a direct message. Link to comment Share on other sites More sharing options...
Maxim. 2 Posted January 4, 2018 Author Share Posted January 4, 2018 Any news? Link to comment Share on other sites More sharing options...
Maxim. 2 Posted January 5, 2018 Author Share Posted January 5, 2018 (edited) Hi, I've done some research and I can see that update.eset.com and some of updates server from here are available from the computer. But still same error:-( I've tried to put IP or hostname to specify update server, but I've got only "bad server link" error. Edited January 5, 2018 by Maxim. Link to comment Share on other sites More sharing options...
Administrators Marcos 5,286 Posted January 5, 2018 Administrators Share Posted January 5, 2018 There's no communication with ESET's servers in the log whatsoever. If you have Endpoint Security installed, enable advanced firewall logging besides advanced update engine logging and run manual update. Then disable logging, collect logs with ESET Log Collector, upload the generated archive to a safe location (e.g. OneDrive, DropBox, etc.) and drop me a message with a download link. If you use Endpoint Antivirus, instead of enabling advanced firewall logging capture the network communication with Wireshark while attempting to update. Make sure that a firewall is not blocking ESET from accessing update servers. If you connect through a proxy server, make sure it's configured properly in the advanced setup -> tools -> proxy server. If you don't use a proxy server, make sure it's disabled in the advanced setup. Link to comment Share on other sites More sharing options...
Maxim. 2 Posted January 9, 2018 Author Share Posted January 9, 2018 On 1/5/2018 at 7:56 PM, Marcos said: There's no communication with ESET's servers in the log whatsoever. If you have Endpoint Security installed, enable advanced firewall logging besides advanced update engine logging and run manual update. Then disable logging, collect logs with ESET Log Collector, upload the generated archive to a safe location (e.g. OneDrive, DropBox, etc.) and drop me a message with a download link. If you use Endpoint Antivirus, instead of enabling advanced firewall logging capture the network communication with Wireshark while attempting to update. Make sure that a firewall is not blocking ESET from accessing update servers. If you connect through a proxy server, make sure it's configured properly in the advanced setup -> tools -> proxy server. If you don't use a proxy server, make sure it's disabled in the advanced setup. Thank you. I'll try to use Wireshark. Can you tell me how to specify update server in settings? I've tried, but always same "bad link to update server" Link to comment Share on other sites More sharing options...
Recommended Posts