Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 17 replies
  • Subscribers 1 subscriber
  • Views 26544 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SUM status reported to Console - "backlog"; Endpoint up-to-date: unknown

QC

One hour ago (10:30am) when opening the console for our administration's domain (200+ computers) the dashboard showed Protection Out-of-date for more than 2/3 of the computers. Now I know "this just can't be". So looking at Updates (which were green) I saw Last updated around 1am today. Update managers / Last updated and Download status were consistent with the dashboard. Endpoints -> Status / Up to date  showed Unknown for the majority of computers. Everything else looked ok.

Selecting Update now from the update manager's context menu didn't seem to have any effect.  I was just about to check the services on the management server when I noticed that Last checked at time had started to progress. Every few seconds the time was incremented approx. 20 or 30 minutes so it looked like a fast motion display of the last hour's messages. At the same time the number of out-of-date computers dropped and eventually reached zero. Now everything's in synch again.   

Anyone else seen this?

Christian

:928


This thread was automatically locked due to age.
Parents
  • 0

    I suppose endpoints are up to date and protected.

    I checked several (remote desktop connection) and all locally reported up to date, and protected.Going to try if an old utility to check if malware is detected/intercepted still works...

    Sav32test works as usual (beautirully). 

    Local interception on workstations reported as up-to-date unknown tested works.

    Local interception on workstation reported as up-to-date 'yes' works.

    Local interception on server not being reported as 'up-to-date unknown' - no data in that column - doesn't work

    (Test pattern intercepted on my workstation instead on server.)

    (Supposedly filter driver not loaded because of atapi problems at startup time I mentioned above)

    Sophos application opens, but when tried to check on access configuration another failure message is shown:

    'An error occured while creating the configuration property pages. Please ensure that the Sophos Anti-Virus on-access driver is active.'

    On demand detection works.

    Would restart server and troubleshoot it's startup if it were needed for anything, but it is currently not needed and so I am waiting if any info here can be usefull to Sophos support staff.

    Regards, Marjan T.

    :3293
Reply
  • 0

    I suppose endpoints are up to date and protected.

    I checked several (remote desktop connection) and all locally reported up to date, and protected.Going to try if an old utility to check if malware is detected/intercepted still works...

    Sav32test works as usual (beautirully). 

    Local interception on workstations reported as up-to-date unknown tested works.

    Local interception on workstation reported as up-to-date 'yes' works.

    Local interception on server not being reported as 'up-to-date unknown' - no data in that column - doesn't work

    (Test pattern intercepted on my workstation instead on server.)

    (Supposedly filter driver not loaded because of atapi problems at startup time I mentioned above)

    Sophos application opens, but when tried to check on access configuration another failure message is shown:

    'An error occured while creating the configuration property pages. Please ensure that the Sophos Anti-Virus on-access driver is active.'

    On demand detection works.

    Would restart server and troubleshoot it's startup if it were needed for anything, but it is currently not needed and so I am waiting if any info here can be usefull to Sophos support staff.

    Regards, Marjan T.

    :3293
Children
No Data
Unfiltered HTML