This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

What is the exact Sophos cache update URL ?

 Hi,

 

We are using Sophos cache update in my company, it's working well.

We would like to monitor this service with PRTG, so we tried to monitor this URL https://XXXXX:8191/

 

But we have a 404 error when we go on this URL, so the Sophos Cache Update WebServer is working, but does someone know the exact URL ?

 

We tried :

- https://XXXXX:8191/

- https://XXXXX:8191/update/

- https://XXXXX:8191/sophos/

 

Thanks for your help !



This thread was automatically locked due to age.
Parents
  • Since no one else has commented, I will try

    Did you post in the correct product section of this forum?   I am uncertain what you mean by the "Cache Update Webserver"

    There are several articles in the knowledgebase section of this forum about the URLs that Sophos uses for UTM and Endpoint, although I did not see anything about port 8191 being used.   Your best bet is to ask Sophos Support.

     If the traffic flows through UTM, you should be able to use UTM logging to capture the complete URL.

  • Hi,

     

    Thank you for you reply DouglasFoster.

     

    We are using Sophos Endpoint Server Protection and Sophos cloud admin console.

    To save some bandwitdh, there is a feature to allow a local server with Sophos Endpoint Server Protection installed to distribute all Sophos update locally to all computers.

     

    That's this feature we are using, it's working well, but we would like to monitor the exact Sophos Cache Update URL.

     

    I already contacted the sophos support, but they don't know...

     

    And I already follow and read this page : https://community.sophos.com/kb/en-us/122577

     

    Thank you,

  • Hello Denis Chatenay,

    the exact Sophos Cache Update URL
    is IMO not important unless you decide to have another application share port 8191 (if it is even possible).
    Why? The 404 Notfound indicates that a web server is running on 8191 and responding. The update process is complex and doesn't work by (recursively) obtaining a listing of a directory path and downloading the files found. Thus a check with the update URL could just confirm that "something" works but not that the cache is valid, complete, and consistent and therefore usable.
    If you insist on downloading I file ... I'm not a Central user, just guessing - AFAIK the cache is located under C:\ProgramData\Sophos\UpdateCache\www\warehouse\. there is perhaps a subdirectory named \catalogue\, and it perhaps contains a file named sumcf.dat (or just one by another name with a .dat extension). And from the few logs I've seen the URL could be xxxx:8191/sophos/warehouse/catalogue/sumcf.dat. In case there is no \catalogue\ subdirectory there's perhaps one named \bulk\ ... as said, just a guess.

    Christian   

Reply
  • Hello Denis Chatenay,

    the exact Sophos Cache Update URL
    is IMO not important unless you decide to have another application share port 8191 (if it is even possible).
    Why? The 404 Notfound indicates that a web server is running on 8191 and responding. The update process is complex and doesn't work by (recursively) obtaining a listing of a directory path and downloading the files found. Thus a check with the update URL could just confirm that "something" works but not that the cache is valid, complete, and consistent and therefore usable.
    If you insist on downloading I file ... I'm not a Central user, just guessing - AFAIK the cache is located under C:\ProgramData\Sophos\UpdateCache\www\warehouse\. there is perhaps a subdirectory named \catalogue\, and it perhaps contains a file named sumcf.dat (or just one by another name with a .dat extension). And from the few logs I've seen the URL could be xxxx:8191/sophos/warehouse/catalogue/sumcf.dat. In case there is no \catalogue\ subdirectory there's perhaps one named \bulk\ ... as said, just a guess.

    Christian   

Children
No Data