Jump to content

esets_scan logging


Recommended Posts

thanks Marcos,  fair enough,  wouldn't want to clutter things.  So How is that configured,  if I run esets_scan with --scanlog and it finds malware or a trojan,  I don't see anything showing up in ERA.    We're obviously pretty new to ESET.  And are testing our configuration.  Here is the command line I used:

/opt/eset/esets/sbin/esets_scan --scanlog 1:Administrator --clean-mode=none --quarantine --log-all

Link to comment
Share on other sites

  • Administrators

I would recommend contacting customer care. At least on Windows the on-demand scanner reports any found threats to ERA so I'd expect the Linux version to behave in a similar fashion.

Link to comment
Share on other sites

  • ESET Staff

Is ERA agent installed on the system? Do you use ERA 6.5? Is Linux product configured to connect to era server on “localhost” with port set to “2225”? 

Link to comment
Share on other sites

  • ESET Staff

Was this running normally before, or this is a fresh install, that has those issues? Is the product correctly reported as installed, and connecting inside the ERA webconsole?

Link to comment
Share on other sites

  • ESET Staff

I have checked it with latest product (is there any reason you are not using 4.5.9.0?) and it seems to work. both threat and scan were reported in ERA. Quarantine content was also updated.

Link to comment
Share on other sites

Thanks Martin,   The agent was upgraded yesterday to 4.5.9.0.  WRT to normal running,  I'd say  no.  After the upgrade I ran a full scan before leaving the office, sadly from the Remote Administrator Console it shows that scan is still running now.  The log file on the server shows an error shortly after the scan was started:

  Feb 21 15:25:52 puppet2 esets_sci[30622]: warning[779e0000]: Cannot read from socket: Connection reset by peer
Feb 21 15:25:52 puppet2 esets_sci[30622]: error[779e0000]: Cannot scan: Daemon closed connection

 

Link to comment
Share on other sites

Something is definitely wrong on this machine,  I've a scan running that was started ~40 minutes ago with the same result "connection reset by peer" (syslog output)  and it still shows as running in ERA,  nothing written to syslog for 30 minutes.   I think I'll open a case.  

Edited by bitterandstout
Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...