Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 17 replies
  • Subscribers 1 subscriber
  • Views 26536 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SUM status reported to Console - "backlog"; Endpoint up-to-date: unknown

QC

One hour ago (10:30am) when opening the console for our administration's domain (200+ computers) the dashboard showed Protection Out-of-date for more than 2/3 of the computers. Now I know "this just can't be". So looking at Updates (which were green) I saw Last updated around 1am today. Update managers / Last updated and Download status were consistent with the dashboard. Endpoints -> Status / Up to date  showed Unknown for the majority of computers. Everything else looked ok.

Selecting Update now from the update manager's context menu didn't seem to have any effect.  I was just about to check the services on the management server when I noticed that Last checked at time had started to progress. Every few seconds the time was incremented approx. 20 or 30 minutes so it looked like a fast motion display of the last hour's messages. At the same time the number of out-of-date computers dropped and eventually reached zero. Now everything's in synch again.   

Anyone else seen this?

Christian

:928


This thread was automatically locked due to age.
  • 0

    It seems to happen to us once or twice a week.  Right now we have 286 computers connected on the network and 280 of those are reporting up-to-date status as 'unknown'.   We haven't found any resolution yet.

    :1877
  • 0

    I'm starting to see this same thing happen as well.  Just seems to happen all the sudden and can't seem to figure out why.  Was anyone out there able to figure out what's going on?  Thanks!

    :3279
  • 0

    Count us in on that as well.  Just watched our console go from almost all computers up to date to almost none of our computers up to date.  Status says unknown, however, it appears as the machines are being turned off, the count is going back down.

    The units that are "Unknown" and the ones that are up-to-date all have the same Detection Data version.

    Thanks

    :3280
  • 0

    I just had this occur for the first time as well....i restarted several Sophos services on the SUM but that had no effect, rebooting the server had no effect - I spot checked a few clients and they do appear to be updating.

    :3281
  • 0

    I just spoke with Sophos Support about this.  They just released some update packages, however the date and time are not reporting properly.  They are aware of the problem and are working on it, and i was told that it should be resolved shortly.

    :3282
  • 0

    Count us in also.

    400+ computers,

    WS mostly windows xp sp3, some SP2,

    Sophos Endpoint Security and Control version 9 (hate not to be able to copy/paste from 'about' pane).

    Sophos Enterprise Console, product version 4.0.0.2362 (hate not to be able to copy/paste from 'about' pane - this copy/pasted).

    Dashboard shows all but two conntected computers as not up to date - update status unknown.

    Spotted during last hour,

    Same hour yesterday dashboard and the rest of EC showed normal data,

    No known changes of configuration, known or suspected to be relevant reinstallations - except subscripted updates from Sophos.

    Protected computers update normally, and as I see Sophos is aware of the problem, so no real panic seems necessary.

    (Unless or until some manager sees report and gets choleric before understanding what data means.)

    Regards, Marjan T.

    :3283
  • 0

    Additionala data:

    Two online workstations are not listed as up-to-date: unknown.

    One si listed as 'up-to-date' yes.

    User of this workstation reported she tried to shut it down, but it didn't in time before she left it.

    Currently responds to ping and remote management. No unusual data in event logs but The attempt to power off xxxxxxx failed

    (Event 1073, Source USER32)

    Other has no data in 'up-to-date' column.

    This is a 2003 server R2 Standard Edition, with service pack 2, and is(was) used to test an application under development (outsourced), so is probably not quite standard, and it's detailed status is not known to me.

    In has been running for about fourteen days, and system log shows atapi problems some minutes after restart (at midnight local time;-).

    Application log is full of Sophos Anti-Virus Event 13. The requested component 'ICManager' is in a failure state. The component will not be returned. Each three seconds approx a new entry.

    Remote desktop connection succesfull, a message about 'Could not load file or assembly MOM.Implementation, Version xxx... pr one od its dependencies. The system cannot find the file specified. Caption of message empty.

    Anyway, Sophos protection locally reports itself up to date an running.

    This might give support personal additional ideas.

    Marjan T.

    :3289
  • 0

    All our connected endpoints (100) display "Unknown" in the up to date column here as well.  Just noticed it today, had to have happend within the past week...We have made no changes to the server with the console installed.

    I'm assuming my endpoints are still connected, being updated and protected......RIGHT?

    :3290
  • 0

    I have over 400 computers reporting as out of date as well and showing "Unknown" in the "Up to Date" column.

    I called Sophos Support and was informed that this is a known issue due to an update from a few hours ago earlier today.  They are working on fixing the issue.  Endpoints are updating and are still protected.  

    :3291
Unfiltered HTML