We'd love to hear about it! Click here to go to the product suggestion community
i'm installing the sophos central antivirus on about 20 Clients.
On some oh these, the installation failed saying "Installation is almost Complete"
But i notice that on these clients there are not some Sophos Services that instead regularly present on the others clients.
For instance, the "sophos Antivirus" service is missing.
We tried to reinstall many times, also with a unfiltered internet connection. The result is always the same.
Can You help us?
Can you provide the mcsclient log?
This will tell, what region you are using, if the computer has registered and what status the APIs are returning. You need to get the updating policy to configure AutoUpdate before the software can be pulled down and installed. I assume this isn't happening on some of these computers.
In reply to jak:
Hi here is the log.
I wish to say that others computer had no problem on installing the client even if the Update policy was disable.
It was disable for all...
In reply to Julian Guzman:
From that I can see that:
1. You are using the US region to store data. There was a problem with that very recently, which is highly likely to be related to the issue you are seeing.
In the current log it started at:
2017-07-15T08:27:03.630Z [ 2892] INFO GET dzr-mcs-amzn-us-west-2-fa88.upe.p.hmr.sophos.com:443/.../b0656ef9-cf43-047b-7a0e-ed4d61d2931e
2. The endpoint has registered as it has a machine ID. This is in the above URL, 6065...
3. There was an updating policy advertised and obtained (a long time after):
2017-07-15T23:34:17.796Z [ 2892] INFO GET dzr-mcs-amzn-us-west-2-fa88.upe.p.hmr.sophos.com:443/.../policy/application/ALC/34bd06af2c76b48a0d8fc02a09431dd6f34799bde0438baf85140c15e7c3f22a
2017-07-15T23:34:18.342Z [ 2892] INFO 200 OK: sent=0 rcvd=7400 elapsed=537ms2017-07-15T23:34:18.342Z [ 2892] INFO ALC policy queued -> 20170715233418-0002-policy-ALC.xml2017-07-15T23:34:18.358Z [ 2892] INFO DELETE dzr-mcs-amzn-us-west-2-fa88.upe.p.hmr.sophos.com:443/.../commands/endpoint/b0656ef9-cf43-047b-7a0e-ed4d61d2931e/322017-07-15T23:34:18.545Z [ 2892] INFO 200 OK: sent=0 rcvd=0 elapsed=186ms2017-07-15T23:34:31.899Z [ 2892] INFO POST dzr-mcs-amzn-us-west-2-fa88.upe.p.hmr.sophos.com:443/.../events/endpoint/b0656ef9-cf43-047b-7a0e-ed4d61d2931e2017-07-15T23:34:32.382Z [ 2892] INFO 200 OK: sent=1039 rcvd=0 elapsed=483ms2017-07-15T23:34:32.382Z [ 2892] INFO ALC event processed <- 20170715233430-011d-event-ALC.xml2017-07-15T23:35:07.155Z [ 2892] INFO GET dzr-mcs-amzn-us-west-2-fa88.upe.p.hmr.sophos.com:443/.../b0656ef9-cf43-047b-7a0e-ed4d61d2931e2017-07-15T23:35:07.903Z [ 2892] INFO 200 OK: sent=0 rcvd=140 elapsed=758ms2017-07-15T23:35:19.432Z [ 2892] INFO PUT dzr-mcs-amzn-us-west-2-fa88.upe.p.hmr.sophos.com:443/.../statuses/endpoint/b0656ef9-cf43-047b-7a0e-ed4d61d2931e2017-07-15T23:35:19.822Z [ 2892] INFO 200 OK: sent=4940 rcvd=0 elapsed=388ms2017-07-15T23:35:19.822Z [ 2892] INFO ALC status processed <- 20170715233419-011c-status-ALC.xml....
So to me it looks like the client did receive an updating policy.
It might be worth a look in the SophosUpdate.log file now (\programdata\sophos\autoupdate\logs\). This will show the username has been received as it is logged on each update attempt. You can then see the update sequence and install sequence of the products.
It seems like you were affected by the NA region problems but I would think it would auto recover now that it has an updating policy.
Thank for your reply.
After few days i activated the update Policy, the situation is still the same (as in Attachment).