bitterandstout 0 Posted February 21, 2018 Share Posted February 21, 2018 when running esets_scan is it possible to send the scanlog to the console on the Remote Administrator? We're running on linux. Ver 6.5 ERA Link to comment Share on other sites More sharing options...
Administrators Marcos 3,878 Posted February 21, 2018 Administrators Share Posted February 21, 2018 That shouldn't be possible. Only records with warning or critical severity are transferred to ERA. Link to comment Share on other sites More sharing options...
bitterandstout 0 Posted February 21, 2018 Author Share Posted February 21, 2018 thanks Marcos, fair enough, wouldn't want to clutter things. So How is that configured, if I run esets_scan with --scanlog and it finds malware or a trojan, I don't see anything showing up in ERA. We're obviously pretty new to ESET. And are testing our configuration. Here is the command line I used: /opt/eset/esets/sbin/esets_scan --scanlog 1:Administrator --clean-mode=none --quarantine --log-all Link to comment Share on other sites More sharing options...
Administrators Marcos 3,878 Posted February 21, 2018 Administrators Share Posted February 21, 2018 I would recommend contacting customer care. At least on Windows the on-demand scanner reports any found threats to ERA so I'd expect the Linux version to behave in a similar fashion. Link to comment Share on other sites More sharing options...
bitterandstout 0 Posted February 21, 2018 Author Share Posted February 21, 2018 thanks Link to comment Share on other sites More sharing options...
ESET Staff MichalJ 402 Posted February 21, 2018 ESET Staff Share Posted February 21, 2018 Is ERA agent installed on the system? Do you use ERA 6.5? Is Linux product configured to connect to era server on “localhost” with port set to “2225”? Link to comment Share on other sites More sharing options...
bitterandstout 0 Posted February 21, 2018 Author Share Posted February 21, 2018 yes were using We're Running ERA 6.5 and the agent (4.5.7) is installed. And yes the product is configured to to connect to ERA on localhost & port 2225. Link to comment Share on other sites More sharing options...
ESET Staff MichalJ 402 Posted February 22, 2018 ESET Staff Share Posted February 22, 2018 Was this running normally before, or this is a fresh install, that has those issues? Is the product correctly reported as installed, and connecting inside the ERA webconsole? Link to comment Share on other sites More sharing options...
ESET Staff MartinK 351 Posted February 22, 2018 ESET Staff Share Posted February 22, 2018 I have checked it with latest product (is there any reason you are not using 4.5.9.0?) and it seems to work. both threat and scan were reported in ERA. Quarantine content was also updated. Link to comment Share on other sites More sharing options...
bitterandstout 0 Posted February 22, 2018 Author Share Posted February 22, 2018 Thanks Martin, The agent was upgraded yesterday to 4.5.9.0. WRT to normal running, I'd say no. After the upgrade I ran a full scan before leaving the office, sadly from the Remote Administrator Console it shows that scan is still running now. The log file on the server shows an error shortly after the scan was started: Feb 21 15:25:52 puppet2 esets_sci[30622]: warning[779e0000]: Cannot read from socket: Connection reset by peer Feb 21 15:25:52 puppet2 esets_sci[30622]: error[779e0000]: Cannot scan: Daemon closed connection Link to comment Share on other sites More sharing options...
bitterandstout 0 Posted February 22, 2018 Author Share Posted February 22, 2018 (edited) Something is definitely wrong on this machine, I've a scan running that was started ~40 minutes ago with the same result "connection reset by peer" (syslog output) and it still shows as running in ERA, nothing written to syslog for 30 minutes. I think I'll open a case. Edited February 22, 2018 by bitterandstout Link to comment Share on other sites More sharing options...
Recommended Posts