This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Anti-virus update question

I received this response in another sophos forum here "Normally AutoUpdate is configured during install (not sure if you can skip it). Please use sudo /opt/sophos-av/bin/savsetup to display the current configuration when prompted."

When I typed sudo /opt/sophos-av/bin/savsetup  the response I receive is " sudo: /opt/sophos-av/bin/update: command not found "

I am trying to find out if the anti-virus is updating on Sophos.

When I check if Sophos is running I receive this response "Sophos Anti-Virus is active and on-access scanning is running"



This thread was automatically locked due to age.
  • Hi Dawn,

    Which Sophos product are you using (Sophos Home, Sophos Central Endpoint, Sophos Enterprise Console, etc)?

    Thanks,
    Karlos

    Karlos
    Community Support Engineer | Sophos Technical Support

    Knowledge Base  |  @SophosSupport  | Sign up for SMS Alerts
    If a post solves your question use the 'This helped me' link.
  • Free home Sophos anti-virus on Linux

  • What does it say on the Sophos Home dashboard > Device Summary > Last Update column?

    This date/time should change several times daily.

    Thanks,
    Karlos

    Karlos
    Community Support Engineer | Sophos Technical Support

    Knowledge Base  |  @SophosSupport  | Sign up for SMS Alerts
    If a post solves your question use the 'This helped me' link.
  • Hello Dawn Julie,

    I receive "sudo: /opt/sophos-av/bin/update: command not found "
    this (instead of the What do you want to do? prompt) is indeed what you get immediately after entering the command? Can't imagine where this should come from.

    sudo /opt/sophos-av/bin/savlog --category=update.updated shows successful updates, update.failed the failed ones.

    Christian

  • Christian,,, thank you... below is what is the outcome is with sudo /opt/sophos-av/bin/savlog

     

     

    Tue 12 Dec 2017 09:21:59 AM PST: update.failed    Failed to replicate from all update sources
    Tue 12 Dec 2017 10:22:00 AM PST: update.failed    Failed to replicate from sdds:SOPHOS
    Tue 12 Dec 2017 10:22:00 AM PST: update.failed    Failed to replicate from all update sources
    Tue 12 Dec 2017 11:22:00 AM PST: update.failed    Failed to replicate from sdds:SOPHOS
    Tue 12 Dec 2017 11:22:00 AM PST: update.failed    Failed to replicate from all update sources
    Tue 12 Dec 2017 12:22:01 PM PST: update.failed    Failed to replicate from sdds:SOPHOS
    Tue 12 Dec 2017 12:22:01 PM PST: update.failed    Failed to replicate from all update sources
    Tue 12 Dec 2017 01:22:02 PM PST: update.failed    Failed to download 'sdds:SOPHOS': invalid authentication. Please check PrimaryUpdateUsername and PrimaryUpdatePassword.
    Tue 12 Dec 2017 01:22:02 PM PST: update.failed    Failed to replicate from all update sources
    Tue 12 Dec 2017 02:22:00 PM PST: update.failed    Failed to download 'sdds:SOPHOS': invalid authentication. Please check PrimaryUpdateUsername and PrimaryUpdatePassword.
    Tue 12 Dec 2017 02:22:00 PM PST: update.failed    Failed to replicate from all update sourcesWed 13 Dec 2017 12:21:59 AM PST: update.failed    Failed to replicate from sdds:SOPHOS
    Wed 13 Dec 2017 12:21:59 AM PST: update.failed    Failed to replicate from all update sources
    Wed 13 Dec 2017 01:21:59 AM PST: update.failed    Failed to replicate from sdds:SOPHOS
    Wed 13 Dec 2017 01:21:59 AM PST: update.failed    Failed to replicate from all update sources
    Wed 13 Dec 2017 02:21:59 AM PST: update.failed    Failed to replicate from sdds:SOPHOS

    etc

    this continues until today's date

     

     

    If I type sudo /opt/sophos-av/bin/savlog --category=update.updated

     

    the reply is 'invalid command'

     

  • In regard to 'sdds:SOPHOS': invalid authentication. Please check PrimaryUpdateUsername and PrimaryUpdatePassword.

     

    I don't know how to do the authentication correctly or how to find my Username and PrimaryUpdatePassword

     

    [:^)]

  • Hello Dawn Julie,

    the reply is 'invalid command'
    strange, please try sudo /opt/sophos-av/bin/savlog --help. If is lists --category then your installation might be corrupt (especially as savsetup also gave some weird response). For the free version the installer should automatically fetch the required credentials. Did you try to re-run the installer?

    Christian

  • I typed sudo /opt/sophos-av/bin/savlog --help

    and received the information below:

    savlog: Display the Sophos Anti-Virus log
    Usage: savlog [OPTION] ...
    OPTION:
      --help               Display this help information
      --version            Display the version and copyright information
      --lang-neutral       Export the log in a language neutral XML format
      --utc                Display the time and date in UTC
      --today              Restrict log messages to those in the last 24 hours
      --maxage=NUMBER      Restrict log messages to those in the last 24 * NUMBER
                             hours
      --after=NUMBER       Restrict log messages to those NUMBER seconds after
                             1 January 1970 00:00:00.00
      --after=HH:MM[:SS]   Restrict log messages to those after the given time today
      --before=NUMBER      Restrict log messages to those before NUMBER seconds
                             after 1 January 1970 00:00:00.00
      --before=HH:MM[:SS]  Restrict log messages to those before the given time
                             today
      --category=STRING    Restrict log messages to those whose category starts
                             with STRING
      --systemLog          Display the syslog (/var/log/messages) rather than the
                             product log
      --namedscan=NAME     Display log messages for the specified named scan
      --noHeader           Don't display column headings
      -N                   Restrict log messages to N most recent entries

  • Hello Dawn Julie,

    clearly shows that --category should be a valid option. If you don't get the expected response or even an error when using it then, as said, the install is likely corrupt. Please re-install, it should also ask you whether you want the free version, fetch credentials, and configure updating.

    Christian 

  • I uninstalled the free sophos home anti virus for Linux and downloaded it again and installed the download which was successful.

    I tried sudo /opt/sophos-av/bin/savlog and below is the response:

    Updating Virus Engine and Data
    Updating Talpa Kernel Support
    Updating Manifest
    Selecting appropriate kernel support...
    On-access scanning not available because of problems during kernel support compilation.
    Update completed.
    Fri 22 Dec 2017 09:00:06 PM PST: update.updated   Updated to versions - SAV: 9.14.0, Engine: 3.69.2, Data: 5.46
    Fri 22 Dec 2017 09:00:06 PM PST: update.updated   Successfully updated Sophos Anti-Virus from sdds:SOPHOS
    Fri 22 Dec 2017 09:47:24 PM PST: savd.daemon      On-access scanning disabled.
    Fri 22 Dec 2017 09:47:24 PM PST: savd.daemon      Sophos Anti-Virus daemon stopped.
    Sat 23 Dec 2017 10:42:54 AM PST: update.failed    Failed to replicate from sdds:SOPHOS
    Sat 23 Dec 2017 10:42:54 AM PST: update.failed    Failed to replicate from all update sources
    Sat 23 Dec 2017 10:43:00 AM PST: savd.daemon      Sophos Anti-Virus daemon started.
    Sat 23 Dec 2017 10:43:02 AM PST: talpa.startup    Unable to load Talpa modules.
    Sat 23 Dec 2017 10:44:02 AM PST: savd.daemon      On-access scanning enabled using fanotify.

     

    Comments? Suggestions?