
Few successful pattern requests and even fewer pattern updates installed but zero request failures

Am on 9.509-3 and my weekly report this morning indicated that my UTM had made a whopping 15 successful requests and had only 7 pattern updates installed over the past week...  That doesn't seem right.  My previous weekly reports had 619/174, 648/159, 632/165 and so on.

Since there's no indication of failures I'm here with a question.  ATM I am on pattern version 143222.  Should I see myself stuck on this pattern version can someone confirm that the current best way to correct this is to execute (from the console or SSH) either:

rpm -e u2d-auav --nodeps
rpm -e u2d-clam --nodeps
then auisys.plx --nosys

OR:

Go to "/var/up2date/aptp" and if there is a file in there called "u2d-aptp-9.****.tgz.gpg" then delete it.  Do the same IF there is a "/var/up2date/aptp-install" directory.
then auisys.plx --nosys



  • If the result of du -shx /var/up2date/* is not all 4.0K directories, then you might want to do the second with any that are occupied with the exception of sys-install.  What did you see?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • BAlfson said:

    If the result of du -shx /var/up2date/* is not all 4.0K directories, then you might want to do the second with any that are occupied with the exception of sys-install.  What did you see?

    Cheers - Bob

    Thanks/sorry for the incredibly late reply on my part.
     
    All of the directories were 4.0K so I chose to do a factory reset which for a few months fixed this.
     
    Then the issue came back again so I checked to see if anything was wrong with the hardware.  The Motherboard, CPU and RAM ran 9+ hours of Prime95 overnight without issue so, at a loss for ideas, I removed the aging MLC SSD I had (despite its SMART output looking fine) and replaced it with a new MLC SSD and did a fresh install of 9.510-5.1.
     
    Again for a time all was well but this morning I woke up to a report that had straight goose eggs...  0 requests, 0 failures and 0 pattern updates...
     
    What's bizarre to me is that, looking at the U2D logs on days of the week when this occurs, numerous "u2d-aptp-9.****.tgz.gpg" files have been unpacked and installed successfully.   For example, on Thursday my system downloaded and applied the following:
     
    u2d-aptp-9.31427-31428
    u2d-aptp-9.31428-31429
    u2d-aptp-9.31429-31430
    u2d-aptp-9.31430-31431
    u2d-aptp-9.31431-31432
    u2d-aptp-9.31432-31433
    u2d-aptp-9.31433-31434
    u2d-aptp-9.31434-31435
     
    At this point I am thinking this is just a goof as the U2D logs completely contradict the report and while this is going on the pattern version is increasing on a daily basis...  Thoughts?
  • Please show us a few dozen relevant log lines beginning with the line containing "Starting Up2Date Package Downloader."

    Cheers - Bob

     
  • BAlfson said:

    Please show us a few dozen relevant log lines beginning with the line containing "Starting Up2Date Package Downloader."

    Cheers - Bob

    From Thursday:

    2018:11:01-01:06:02 utm audld[22711]: Starting Up2Date Package Downloader
    2018:11:01-01:06:02 utm audld[22711]: patch up2date possible
    2018:11:01-01:06:24 utm audld[22711]: id="3701" severity="info" sys="system" sub="up2date" name="Authentication successful"
    2018:11:01-01:06:24 utm audld[22711]: id="3707" severity="info" sys="system" sub="up2date" name="Successfully synchronized fileset" status="success" action="download" package="avira-xvdf"
    2018:11:01-01:06:24 utm auisys[22756]: no HA system or cluster node
    2018:11:01-01:06:24 utm auisys[22756]: waiting for db_verify to return (30 seconds max)
    2018:11:01-01:06:26 utm auisys[22756]: not cleaning /var/up2date/sys-install in --nosys mode
    2018:11:01-01:06:26 utm auisys[22756]: removing '/var/up2date/appctrl43-install'
    2018:11:01-01:06:26 utm auisys[22756]: removing '/var/up2date/aptp-install'
    2018:11:01-01:06:26 utm auisys[22756]: removing '/var/up2date/avira-xvdf-install'
    2018:11:01-01:06:26 utm auisys[22756]: removing '/var/up2date/geoip-install'
    2018:11:01-01:06:26 utm auisys[22756]: removing '/var/up2date/geoipxtipv6-install'
    2018:11:01-01:06:26 utm auisys[22756]: removing '/var/up2date/ipsbundle2-install'
    2018:11:01-01:06:26 utm auisys[22756]: removing '/var/up2date/savi-install'
    2018:11:01-01:06:26 utm auisys[22756]: Starting Up2Date Package Installer
    2018:11:01-01:06:26 utm auisys[22756]: No suitable packages of type <appctrl43> found, skipping
    2018:11:01-01:06:26 utm auisys[22756]: No suitable packages of type <geoipxtipv6> found, skipping
    2018:11:01-01:06:26 utm auisys[22756]: No suitable packages of type <aptp> found, skipping
    2018:11:01-01:06:26 utm auisys[22756]: No suitable packages of type <geoip> found, skipping
    2018:11:01-01:06:26 utm auisys[22756]: No suitable packages of type <ipsbundle2> found, skipping
    2018:11:01-01:06:26 utm auisys[22756]: No suitable packages of type <savi> found, skipping
    2018:11:01-01:06:26 utm auisys[22756]: Install u2d packages <avira-xvdf>
    2018:11:01-01:06:26 utm auisys[22756]: Starting installing up2date packages for type 'avira-xvdf'
    2018:11:01-01:06:26 utm auisys[22756]: Installing up2date package: /var/up2date/avira-xvdf/u2d-avira-xvdf-9.11982-11983.patch.tgz.gpg
    2018:11:01-01:06:26 utm auisys[22756]: Verifying up2date package signature
    2018:11:01-01:06:26 utm auisys[22756]: Unpacking installation instructions
    2018:11:01-01:06:26 utm auisys[22756]: parsing installation instructions
    2018:11:01-01:06:26 utm auisys[22756]: This is a patch. Setting required_version to 9.11982
    2018:11:01-01:06:26 utm auisys[22756]: Unpacking up2date package container
    2018:11:01-01:06:27 utm auisys[22756]: Running pre-installation checks
    2018:11:01-01:06:27 utm auisys[22756]: Starting up2date package installation
    2018:11:01-01:06:39 utm auisys[22756]: id="371Z" severity="info" sys="system" sub="up2date" name="Successfully installed Up2Date package" status="success" action="install" package_version="9.11983" package="avira-xvdf"
    2018:11:01-01:06:39 utm auisys[22756]: [INFO-306] New Pattern Up2Dates installed
    2018:11:01-01:06:40 utm auisys[22756]: Up2Date Package Installer finished, exiting
    2018:11:01-01:06:40 utm auisys[22756]: id="3716" severity="info" sys="system" sub="up2date" name="Up2Date Package Installer finished, exiting"
    2018:11:01-01:21:02 utm audld[23817]: no HA system or cluster node
    2018:11:01-01:21:02 utm audld[23817]: Starting Up2Date Package Downloader
    2018:11:01-01:21:02 utm audld[23817]: patch up2date possible
    2018:11:01-01:21:16 utm audld[23817]: id="3701" severity="info" sys="system" sub="up2date" name="Authentication successful"
    2018:11:01-01:36:01 utm audld[24745]: no HA system or cluster node
    2018:11:01-01:36:01 utm audld[24745]: Starting Up2Date Package Downloader
    2018:11:01-01:36:02 utm audld[24745]: patch up2date possible
    2018:11:01-01:36:11 utm audld[24745]: id="3701" severity="info" sys="system" sub="up2date" name="Authentication successful"
    2018:11:01-01:51:02 utm audld[25695]: no HA system or cluster node
    2018:11:01-01:51:02 utm audld[25695]: Starting Up2Date Package Downloader
    2018:11:01-01:51:02 utm audld[25695]: patch up2date possible
    2018:11:01-01:51:16 utm audld[25695]: id="3701" severity="info" sys="system" sub="up2date" name="Authentication successful"
    2018:11:01-01:51:17 utm audld[25695]: id="3707" severity="info" sys="system" sub="up2date" name="Successfully synchronized fileset" status="success" action="download" package="aptp"
    2018:11:01-01:51:17 utm auisys[25729]: no HA system or cluster node
    2018:11:01-01:51:17 utm auisys[25729]: waiting for db_verify to return (30 seconds max)
    2018:11:01-01:51:19 utm auisys[25729]: not cleaning /var/up2date/sys-install in --nosys mode
    2018:11:01-01:51:19 utm auisys[25729]: removing '/var/up2date/appctrl43-install'
    2018:11:01-01:51:19 utm auisys[25729]: removing '/var/up2date/aptp-install'
    2018:11:01-01:51:19 utm auisys[25729]: removing '/var/up2date/avira-xvdf-install'
    2018:11:01-01:51:19 utm auisys[25729]: removing '/var/up2date/geoip-install'
    2018:11:01-01:51:19 utm auisys[25729]: removing '/var/up2date/geoipxtipv6-install'
    2018:11:01-01:51:19 utm auisys[25729]: removing '/var/up2date/ipsbundle2-install'
    2018:11:01-01:51:19 utm auisys[25729]: removing '/var/up2date/savi-install'
    2018:11:01-01:51:19 utm auisys[25729]: Starting Up2Date Package Installer
    2018:11:01-01:51:19 utm auisys[25729]: No suitable packages of type <appctrl43> found, skipping
    2018:11:01-01:51:19 utm auisys[25729]: No suitable packages of type <geoipxtipv6> found, skipping
    2018:11:01-01:51:19 utm auisys[25729]: No suitable packages of type <avira-xvdf> found, skipping
    2018:11:01-01:51:19 utm auisys[25729]: No suitable packages of type <geoip> found, skipping
    2018:11:01-01:51:19 utm auisys[25729]: No suitable packages of type <ipsbundle2> found, skipping
    2018:11:01-01:51:19 utm auisys[25729]: No suitable packages of type <savi> found, skipping
    2018:11:01-01:51:19 utm auisys[25729]: Install u2d packages <aptp>
    2018:11:01-01:51:19 utm auisys[25729]: Starting installing up2date packages for type 'aptp'
    2018:11:01-01:51:19 utm auisys[25729]: Installing up2date package: /var/up2date/aptp/u2d-aptp-9.31427-31428.patch.tgz.gpg
    2018:11:01-01:51:19 utm auisys[25729]: Verifying up2date package signature
    2018:11:01-01:51:19 utm auisys[25729]: Unpacking installation instructions
    2018:11:01-01:51:20 utm auisys[25729]: parsing installation instructions
    2018:11:01-01:51:20 utm auisys[25729]: This is a patch. Setting required_version to 9.31427
    2018:11:01-01:51:20 utm auisys[25729]: Unpacking up2date package container
    2018:11:01-01:51:20 utm auisys[25729]: Running pre-installation checks
    2018:11:01-01:51:20 utm auisys[25729]: Starting up2date package installation
    2018:11:01-01:51:34 utm auisys[25729]: id="371Z" severity="info" sys="system" sub="up2date" name="Successfully installed Up2Date package" status="success" action="install" package_version="9.31428" package="aptp"
    2018:11:01-01:51:34 utm auisys[25729]: [INFO-306] New Pattern Up2Dates installed
    2018:11:01-01:51:35 utm auisys[25729]: Up2Date Package Installer finished, exiting
    2018:11:01-01:51:35 utm auisys[25729]: id="3716" severity="info" sys="system" sub="up2date" name="Up2Date Package Installer finished, exiting"
     
    Complete log for Thursday here (for BAlfson's eyes only - txt will self-destruct after one view): https://file.io/UGYFPi
    Complete log for Friday here (for BAlfson's eyes only - txt will self-destruct after one view): https://file.io/LLniGQ
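
A way to cross-check the weekly report against a log like the excerpt above, as an added example that is not part of the original post: it tallies downloader runs, successful authentications, non-info events and installed pattern versions per day, and flags breaks in a package's version sequence. The sample lines are constructed in the thread's log format, and treating each patch as a single version step is an assumption taken from the aptp list earlier in the thread.

```python
import re
from collections import defaultdict

# Constructed sample in the log format shown in the thread (not the poster's full log).
SAMPLE_LOG = """\
2018:11:01-01:06:02 utm audld[22711]: Starting Up2Date Package Downloader
2018:11:01-01:06:24 utm audld[22711]: id="3701" severity="info" sys="system" sub="up2date" name="Authentication successful"
2018:11:01-01:06:39 utm auisys[22756]: id="371Z" severity="info" sys="system" sub="up2date" name="Successfully installed Up2Date package" status="success" action="install" package_version="9.11983" package="avira-xvdf"
2018:11:01-01:51:02 utm audld[25695]: Starting Up2Date Package Downloader
2018:11:01-01:51:16 utm audld[25695]: id="3701" severity="info" sys="system" sub="up2date" name="Authentication successful"
2018:11:01-01:51:34 utm auisys[25729]: id="371Z" severity="info" sys="system" sub="up2date" name="Successfully installed Up2Date package" status="success" action="install" package_version="9.31428" package="aptp"
2018:11:01-03:21:40 utm auisys[27001]: id="371Z" severity="info" sys="system" sub="up2date" name="Successfully installed Up2Date package" status="success" action="install" package_version="9.31429" package="aptp"
2018:11:02-01:06:02 utm audld[30110]: Starting Up2Date Package Downloader
2018:11:02-01:06:20 utm audld[30110]: id="3701" severity="info" sys="system" sub="up2date" name="Authentication successful"
2018:11:02-01:06:41 utm auisys[30150]: id="371Z" severity="info" sys="system" sub="up2date" name="Successfully installed Up2Date package" status="success" action="install" package_version="9.31431" package="aptp"
"""

LINE_RE = re.compile(r'^(\d{4}):(\d{2}):(\d{2})-[\d:]+ \S+ (?:audld|auisys)\[\d+\]: (.*)$')
KV_RE = re.compile(r'(\w+)="([^"]*)"')

def summarize(log_text):
    """Per-day tallies of downloader runs, auth successes, non-info events, installs."""
    days = defaultdict(lambda: {"downloader_runs": 0, "auth_ok": 0, "not_info": 0, "installed": []})
    for raw in log_text.splitlines():
        m = LINE_RE.match(raw.strip())
        if not m:
            continue  # not an audld/auisys line
        d = days["-".join(m.group(1, 2, 3))]
        msg = m.group(4)
        if msg == "Starting Up2Date Package Downloader":
            d["downloader_runs"] += 1
        kv = dict(KV_RE.findall(msg))
        if kv.get("sub") != "up2date":
            continue  # free-text line without key="value" fields
        if kv.get("severity") != "info":
            d["not_info"] += 1  # anything the daemon did not log as informational
        if kv.get("name") == "Authentication successful":
            d["auth_ok"] += 1
        if kv.get("action") == "install" and kv.get("status") == "success":
            d["installed"].append((kv["package"], kv["package_version"]))
    return dict(days)

def version_gaps(installed, package):
    """Pairs (prev, next) where a package's pattern number did not advance by exactly 1."""
    nums = [int(v.split(".")[1]) for p, v in installed if p == package]
    return [(a, b) for a, b in zip(nums, nums[1:]) if b != a + 1]

if __name__ == "__main__":
    for day, d in sorted(summarize(SAMPLE_LOG).items()):
        print(day, d)
```
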

     

  • Someone already looked at those files, but I don't think I need to look at them to comment that everything looks fine.  Different devices will download different patterns and updates, depending on what things are configured and which selections are made.

    Cheers - Bob

     
  • BAlfson said:

    Different devices will download different patterns and updates, depending on what things are configured and which selections are made.

    I know that --> thing is that I have another UTM running at my parents' house which is using the same config exported from my system + one change to allow them to follow links from shopping.google.com and in the same weeks where I have had an issue theirs has not...  For me the latest report is worse than before with nothing but zeroes being returned while the pattern version has been going up and the U2D logs show that new patterns have been successfully installed on a daily basis.

    BAlfson said:

    I don't think I need to look at them to comment that everything looks fine.

    OK so you also feel that the report seems to be in error here given the log data?  I can post full days for this past week at another site to avoid their self-destruction.

  • Ahhhh, I think I just now understood your question - it's about Reporting that doesn't square with your logs.  You might try the following.  It doesn't touch your logs, but it does delete all history in Reporting:

    /etc/init.d/postgresql92 rebuild

    Any luck with that?

    Cheers - Bob

     
  • Will have to let you know next week as I am traveling out of state ATM.  Initially my post was about the bizarre low amount of requests and low pattern updates installed but it would only randomly exhibit this in the weekly executive report.  Then of course came the 0, 0 and 0 report this last weekend which comes after doing a fresh install of 9.510-5.1 on October 7th.

  • OK over the last few weeks, without rebuilding, I've noticed the following in the executive reports I've received:

    Requests successful/failed/updates installed

    11/10

    66/0/12

    11/17

    333/0/48 (interesting note: #10 in the TOP 10 Applications = Sophos UTM Up2Date)

    11/24

    649/0/126

    12/01

    590/0/142

    At the same time the UTMs I've got running at my parents' and in-laws' spit out reports that look like this:

    11/10

    P: N/A due to DesertNet having to replace satellite equipment...
    I-L: 44/0/7

    11/17

    P: 645/0/133
    I-L: 660/3/133

    11/24

    P: 647/0/126
    I-L: N/A due to Comcast modem failure at my in-laws...

    12/01

    P: 386/0/88
    I-L: 667/1/154

    Their UTMs are using my configuration backup (at the time) imported in plus tweaks they needed.  Given their reports I'm not sure that a database rebuild here is required as this just seems to be happening across the board at random but I am open to it if you're convinced otherwise.

  • As I said earlier, I don't think there's a problem.

    Cheers - Bob

     
  • That makes two of us.  I'm running with this being the answer.

    Thanks [:D].
