Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 14 replies
  • Subscribers 0 subscribers
  • Views 67254 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos Enterprise Console 5.2.2 showing Update Manager not updating

E-Rexxie

Hi Folks

We have a SEC 5.2.2 instance which has a stuck Update Manager (the primary one on the SEC server). I've tried all sorts of things to get it going again - but to no avail.

1. restarting server

2. restarting services

3. deleting and downloading all the Warehouse and CID folders again (which seems to work fine)

The updates failed on 17 July 2014 and all I can see in the log viewer around that time are these view entries

17/07/2014 17:37:14 Error Decoding of product release Sophos Update Manager version RECOMMENDED was not done because the synchronization failed.
17/07/2014 17:37:14 Error Version information for product 'Sophos Update Manager' was not gathered by dispatcher 'DispatcherPrograms-2014-07-17T16-36-56-50', as the last synchronization of that product failed.
17/07/2014 17:37:14 Error Decoding of product release Sophos Patch Server version RECOMMENDED was not done because the synchronization failed.
17/07/2014 17:37:14 Error Version information for product 'Sophos Patch Server' was not gathered by dispatcher 'DispatcherPrograms-2014-07-17T16-36-56-50', as the last synchronization of that product failed.
17/07/2014 17:37:14 Error Decoding of product release Sophos Enterprise Console version 0.0.0 was not done because the synchronization failed.
17/07/2014 17:37:14 Error Version information for product 'Sophos Enterprise Console' was not gathered by dispatcher 'DispatcherPrograms-2014-07-17T16-36-56-50', as the last synchronization of that product failed.
17/07/2014 17:37:13 Error Decoding of product release Sophos Anti-Virus for Mac OS X 10.6+ version RECOMMENDED was not done because the synchronization failed.
17/07/2014 17:37:13 Error Version information for product 'Sophos Anti-Virus for Mac OS X 10.6+' was not gathered by dispatcher 'DispatcherPrograms-2014-07-17T16-36-56-50', as the last synchronization of that product failed.
17/07/2014 17:37:13 Error Decoding of product release Windows Endpoint Security and Control version RECOMMENDED was not done because the synchronization failed.

Surely the update manager should fix this automatically seeing as all the updates since then having been working OK???

any help would be greatly appreciated

thanks

E-Rexxie

:52401


This thread was automatically locked due to age.
  • 0

    Hello E-Rexxie,

    is there still an issue? If so, the dashboard should indicate this in the Updates pane and there should be an error in the Update Managers view. It's not clear what you mean by all the updates since then having been working OK though.

    Christian

    :52527
  • 0

    I had a similar issue a few months back where updates would fail on the OS X version of Sophos - turns out it was caused by our firewall blocking one of the update files.  Would have been nice if the console carried on updating the other subscriptions instead of stopping the whole thing, but excluding the management server from your firewall's anti-virus (even temporarily) may be worth a shot in your case.

    :52539
  • 0

    Yeah - It is still an issue

    I thought the actual updates where OK because the other update managers that are working have the exact same content in the network share folders - but this is no longer the case.

    The dashboard however report no errors at all - which is what makes the problem weird.

    I think the only way to get this fixed is to do a complete uninstall and reinstall.

    :52585
  • 0

    Hello E-Rexxie,

    so Updates on the Dashboard has the green check mark and a single line saying Last updated on ...? How did you notice the apparently stuck SUM in the first place?

    Could you perhaps provide a screenshot of the Update managers view? Can't imagine that there is no indication of the error. Before considering a reinstall I'd try to find out why the synchronization failed. The Logviewer display is bottom up so the initial error would be farther down. The message might or might not have sufficient detail, the SUMTrace log in %ProgramData%\Sophos\Update Manager\Logs should give more insight.

    Christian

    :52589
  • 0

    Hey Christian

    Here's a screen shot ... showing the stuck update manager and the empty Alerts (and Errors) box

    Sophos Update Manager Stuck.png

    and the Update Manager details with a very generic error code 80040401

    Update Manager Details.png

    :52611
  • 0

    Hello E-Rexxie,

    thanks for the screenshot (BTW, the box - as opposed to the endpoints Resolve - just displays Alerts, e.g. about upcoming retirement of a product). I see that the SUM hasn't even checked after Aug 4th - any idea why (is the SUM service running)?

    In your first post you've said deleting and downloading all the Warehouse and CID folders again. This was likely on the 4th - did this indeed populate the Warehouse and recreate the CIDs? Anyway, I think it's necessary to have a look at the SUMTrace log - request Update now (note the time you do it), the Download status should after a few seconds change to Downloading binaries. If it doesn't or after it has reverted to Last checked view the latest SUMTrace log (use the time of the request to locate the start of the interesting part of the log). The point of the initial error (note that the subsequent because the synchronization failed are just inherited ones) shouldn't be too hard to find. Unless the meaning and cause of the error are obvious you'd have to attach the relevant part of the log here.

    Christian     

    :52631
  • 0

    Hi Christian

    Yes the SUM service is running. I stopped and started it again to be sure ... the SUM log just show a few successful things and then stops ... I'm running it in debug mode

    14/08/2014 09:48:46 Information All events from dispatcher '__MAINTENANCE_DISPATCHER__-2014-08-14T08-48-46-1' have completed.
    14/08/2014 09:48:46 Success Event from dispatcher '__MAINTENANCE_DISPATCHER__-2014-08-14T08-48-46-1' succeeded.
    14/08/2014 09:48:46 Information Action '__MAINTENANCE_ACTION__' was successful.
    14/08/2014 09:48:46 Information The maintenance operation was successful.
    14/08/2014 09:48:46 Information Action '__MAINTENANCE_ACTION__' started...
    14/08/2014 09:48:46 Information Events of dispatcher '__MAINTENANCE_DISPATCHER__-2014-08-14T08-48-46-1' triggered by user. Number of events to execute: 1.
    14/08/2014 09:48:45 Information Sophos Update Manager has started up.
    14/08/2014 09:48:40 Information Sophos Update Manager has shut down.

    :52633
  • 0

    Clicking Update Now on the broken Update Manager does not seem to generate any activity in the logs ... I've waited 5 minutes to be sure ...

    :52635
  • 0

    Hello E-Rexxie,

    that's the Logviewer view - could you also check the latest SUMTrace log please? There should be at least some "heartbeat" activity recorded.  

    In addition - check if SUM_Status.xml in C:\Program Files (x86)\Sophos\Update Manager\ is current and perhaps view it. You should find among other things the CID paths and product version numbers (e.g. 10.3.7) for the subscribed products. Checking and updating the SUM configuration should do no harm. Change one of the intervals in the Schedule tab and click OK (normally you wouldn't notice a change in the Configuration column which displays Matches but you should see that config.xml in the Program Files directory has been updated).      

    Christian

    :52637
  • 0

    aaah here we go ... finding some useful info now ... going back in the SUMTRACE to 04-08-2014 at aroung 09:40:58 I see lots of errors like

    2014-08-04 09:40:57 : GatherCurrencyData: Considering payload Payload-Sub2...
    2014-08-04 09:40:57 : GatherCurrencyData: Sync marked as failed, sending the abort.
    2014-08-04 09:40:57 : Cmd-ALL << [E402D][DispatcherPrograms-2014-08-04T08-40-37-3][7D48A012-0C64-4F21-BA27-A9CEDF442749] Gather Currency Data operation invoked by dispatcherId 'DispatcherPrograms-2014-08-04T08-40-37-3' on product with rigid name '7D48A012-0C64-4F21-BA27-A9CEDF442749' has been aborted because the data has not been synchronised correctly.

    and this as well

    2014-08-04 09:40:59 : Cmd-ALL << [E400E][DispatcherPrograms-2014-08-04T08-40-37-3] Event with dispatcher ID 'DispatcherPrograms-2014-08-04T08-40-37-3' failed to execute.
    2014-08-04 09:40:59 : Cmd-ALL << [I1020][DispatcherPrograms-2014-08-04T08-40-37-3] All events with dispatcher ID 'DispatcherPrograms-2014-08-04T08-40-37-3' complete.
    2014-08-04 09:40:59 : Cmd-ALL << [I1021][ActionSelfUpdate-SDDM][DispatcherPrograms-2014-08-04T08-40-36-1] Action 'ActionSelfUpdate-SDDM' with caller 'DispatcherPrograms-2014-08-04T08-40-36-1' started...
    2014-08-04 09:40:59 : Cmd-ALL << [I1017][ActionSelfUpdate-SDDM][DispatcherPrograms-2014-08-04T08-40-36-1] Action 'ActionSelfUpdate-SDDM' with caller 'DispatcherPrograms-2014-08-04T08-40-36-1' could not execute.
    2014-08-04 09:40:59 : Cmd-Sock-608 >> DumpDefaultTargetSite
    2014-08-04 09:40:59 : Cmd-Sock-608 << [R0000][C:\ProgramData\Sophos\Update Manager\Update Manager\][\\SPKBEXEC01\SophosUpdate][TEOFFICE\sophos][Bwi0z7ID3q3fpLlixHPC+MatiBhcxR/rQX8=] Local path: C:\ProgramData\Sophos\Update Manager\Update Manager\ Remote path: \\SPKBEXEC01\SophosUpdate Username: TEOFFICE\sophos Obfuscated password: Bwi0z7ID3q3fpLlixHPC+MatiBhcxR/rQX8=
    2014-08-04 09:40:59 : Cmd-Sock-608 <<

    :52641
Unfiltered HTML