
Which process resets groups to defaults on ERAS 6?



In ERAS 6, every Saturday around 23:00, computer group names change back to their defaults. I have 'Lost and found' renamed to '_Lost and found' to get it to the top of the group list, and it reverts back. The group 'Problematic computers' is copied to a new group 'Problematic computers_date-and-time' with the same template. The deleted group 'Computers with outdated operating system' is also back. The first occurrence was October 6th, if I remember correctly.

This is the ERAS virtual appliance on CentOS; nothing more has been added to it except the Zabbix monitoring agent. No server or client tasks are running at that time.

Question: how can I find which process is making these changes? There is nothing special in the CentOS logs at this time.


  • ESET Staff

This would happen in case of an ESMC installation repair. Could you verify that no components upgrade task is scheduled on the local AGENT installed in the appliance? Also, an installation repair might be executed by an external process, but it is definitely not standard behavior, so if this is the case, someone must have configured it manually.


There was a failed RA Components Upgrade task, but it seems unrelated. It runs on Sundays, not Saturdays, and finished successfully every time; only last Sunday it exited with an error. The error text is 'Upgrade infrastructure task failed: Failed to upgrade WebConsole with: GetFile: Error reading HTTP response data (0x4e2a)'


  • ESET Staff
1 minute ago, karlisi said:

There was a failed RA Components Upgrade task, but it seems unrelated. It runs on Sundays, not Saturdays, and finished successfully every time; only last Sunday it exited with an error. The error text is 'Upgrade infrastructure task failed: Failed to upgrade WebConsole with: GetFile: Error reading HTTP response data (0x4e2a)'

The failure is unrelated, but it actually means that you are running the components upgrade task automatically -> and that is what causes your problem. I would recommend disabling it, at least on the machine where ERA/ESMC is installed. Even when there is no upgrade available, an installation repair will be executed, and that is what renames your groups. If I recall correctly, the behavior has changed in the latest version, where not even a repair is executed, but I am currently not able to confirm.

