Hi, I've got this message every minute since yesterday.
Have you got any idea?
There was an issue, should be fixed. See: https://community.sophos.com/sophos-xg-firewall/f/discussions/136817/malware-unscannable-was-detected-and-blocked-alert-sophos-xg-firewall---http-virus-detected
AP Firmware | 11.0.020 | - | 16:32:26, Sep 06 2022 | Success
ATP | 1.0.0436 | - | 09:35:48, Oct 10 2022 | Success
Avira AV | 1.0.420123 | - | 09:50:48, Oct 10 2022 | Success
Authentication Clients | 1.0.0020 | - | 11:53:30, Mar 31 2022 | Success
Geoip ip2country DB | 2.0.014 | - | 08:53:29, Oct 07 2022 | Success
IPS and Application signatures | 18.19.72 | - | 16:56:54, Oct 07 2022 | Success
Sophos Connect Clients | 2.2.000 | - | 17:05:30, Jun 27 2022 | Success
RED Firmware | 3.0.008 | - | 08:54:18, Jul 15 2022 | Success
Sophos AntiSpam Interface | 1.0.236 | - | 14:54:28, Oct 07 2022 | Success
Sophos AV | 1.0.18170 | - | 09:51:44, Oct 10 2022 | Success
SSLVPN Clients | 1.0.009 | - | 16:54:49, Dec 14 2021 | Success
Can you check the u2d.log and savi log?
I've got no log in live log > Malware
Thanks a lot for your help LuCar Toni
The av.log log is empty, as you can see below.
I have included the avd.log logs in addition.
Is it possible to create a support case while using the evaluation version of Sophos XG?
Hi Xitey,
Based on the log snippets you have attached, the latest AV signatures are installed on your device and are being used by the AV scanning service. Can you please verify that HTTP requests are still being blocked as unscannable? It's possible that your firewall had queued up those email alerts and you were still receiving the notifications after the issue had been resolved. The date/time of the event is included in the body of the email alert so you can use that to determine if the alerts are outdated.
If you are still having issues with traffic being blocked as unscannable, please attach the output of this command: grep -w ERROR /log/avd.log | grep sophos__scanfile | tail -n 100
Thanks,
Peter Gale | Director, Software Development, NSG
peter.gale@sophos.com
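Added example, not part of the original thread and not Sophos tooling: one way to run the check described above, deciding whether sophos__scanfile errors in avd.log are still occurring or all predate the last signature reload. It assumes avd.log lines of the form "date timeZ :[LEVEL] thread function: message"; the sample lines and the function names scan_error_verdict and scan_error_codes are constructed for illustration.

```shell
#!/bin/sh
# Triage sophos__scanfile errors in avd.log against the last signature reload.
# Assumption: fields are  <date> <time>Z :[LEVEL] <thread> <function>: <message>

# Constructed sample: errors stop before the engine reloads its signatures.
sample_stale_log() {
cat <<'EOF'
2022-10-08 04:53:06Z :[ERROR] 0 sophos__scanfile: unable to sweep file [0x0004021e]
2022-10-08 04:53:07Z :[ERROR] 1 sophos__scanfile: unable to sweep file [0x0004021e]
2022-10-08 04:54:29Z :[ERROR] 2 sophos__scanfile: unable to sweep file [0x0004021e]
2022-10-11 05:52:43Z :[INFO] 4 display_sophos_version: Engine version number : 3.85
2022-10-11 05:52:44Z :[INFO] 99 sophos_reload_sig: Every thread reloaded new savi object, safe to start scanning
EOF
}

# Constructed sample: same log plus one error logged after the reload.
sample_ongoing_log() {
    sample_stale_log
    printf '%s\n' '2022-10-11 06:10:02Z :[ERROR] 3 sophos__scanfile: unable to sweep file [0x0004021e]'
}

# Reads avd.log lines on stdin and prints one summary line.
#   clean   - no sophos__scanfile errors at all
#   stale   - errors exist, but none are later than the last reload
#   ongoing - at least one error is later than the last reload
#   unknown - errors exist, but no reload line is in the input to compare with
# Timestamps are UTC ("Z") and sort correctly as plain strings.
# An error in the same second as the reload is not counted as "after".
scan_error_verdict() {
    awk '
        $5 == "sophos_reload_sig:" { reload = $1 " " $2 }
        $3 == ":[ERROR]" && $5 == "sophos__scanfile:" { errs[++total] = $1 " " $2 }
        END {
            total += 0
            after = 0
            for (i = 1; i <= total; i++)
                if (reload != "" && (errs[i] "") > (reload "")) after++
            if (total == 0)        verdict = "clean"
            else if (reload == "") verdict = "unknown"
            else if (after > 0)    verdict = "ongoing"
            else                   verdict = "stale"
            printf "verdict=%s total=%d after_reload=%d reload=%s last_error=%s\n",
                verdict, total, after, (reload == "" ? "none" : reload),
                (total == 0 ? "none" : errs[total])
        }'
}

# Reads avd.log lines on stdin and prints "<count> <error code>" per code,
# most frequent first, so a single dominant code stands out.
scan_error_codes() {
    awk '
        $3 == ":[ERROR]" && $5 == "sophos__scanfile:" &&
        match($0, /\[0x[0-9a-fA-F]+\]/) {
            count[substr($0, RSTART + 1, RLENGTH - 2)]++
        }
        END { for (c in count) print count[c], c }' | sort -k1,1nr -k2,2
}

# Demo on the constructed samples.
sample_stale_log   | scan_error_verdict
sample_ongoing_log | scan_error_verdict
sample_ongoing_log | scan_error_codes
```

On a real log the same functions read from a file, for example `scan_error_verdict < /log/avd.log`, assuming awk is available in the shell used or the log has been copied to a workstation. The alert e-mail's event time may be shown in local time, so convert it to UTC before comparing it with the reload timestamp.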
Thanks a lot for your help Peter Gale
Here are the logs below
2022-10-08 04:55:12Z :[ERROR] 5 sophos__scanfile: unable to sweep file [0x0004021e] 2022-10-08 04:55:15Z :[ERROR] 6 sophos__scanfile: unable to sweep file [0x0004021e] 2022-10-08 04:55:18Z :[ERROR] 7 sophos__scanfile: unable to sweep file [0x0004021e] 2022-10-08 04:55:21Z :[ERROR] 8 sophos__scanfile: unable to sweep file [0x0004021e] 2022-10-08 04:55:23Z :[ERROR] 9 sophos__scanfile: unable to sweep file [0x0004021e] 2022-10-08 04:55:23Z :[ERROR] 10 sophos__scanfile: unable to sweep file [0x0004021e] 2022-10-08 04:55:23Z :[ERROR] 11 sophos__scanfile: unable to sweep file [0x0004021e] 2022-10-08 04:55:23Z :[ERROR] 12 sophos__scanfile: unable to sweep file [0x0004021e] 2022-10-08 04:55:24Z :[ERROR] 13 sophos__scanfile: unable to sweep file [0x0004021e] 2022-10-08 04:55:25Z :[ERROR] 14 sophos__scanfile: unable to sweep file [0x0004021e] 2022-10-08 04:55:25Z :[ERROR] 15 sophos__scanfile: unable to sweep file [0x0004021e] 2022-10-08 04:55:27Z :[ERROR] 0 sophos__scanfile: unable to sweep file [0x0004021e] 2022-10-08 04:55:30Z :[ERROR] 1 sophos__scanfile: unable to sweep file [0x0004021e] 2022-10-08 04:55:30Z :[ERROR] 2 sophos__scanfile: unable to sweep file [0x0004021e] 2022-10-08 04:55:33Z :[ERROR] 3 sophos__scanfile: unable to sweep file [0x0004021e] SFVH_VM01_SFOS 19.0.1 MR-1-Build365#
Hi Xitey,
According to those logs, the issue stopped occurring on October 8th, which coincides with when the pattern update was released. Please confirm if you are still experiencing blocked requests.
Thanks,
Peter Gale | Director, Software Development, NSG
peter.gale@sophos.com
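The check described in the reply above (when did the sweep failures last occur, and has the log been quiet since) can be scripted. This is an added example, not part of the original thread and not Sophos tooling; the field name `slot`, the function names, and the `CHECKED_AT` time are assumptions, and the sample is the last four entries of the excerpt with constructed line wraps.

```python
import re
from collections import Counter
from datetime import datetime, timezone

# Entry shape as posted in the thread:
#   2022-10-08 04:55:33Z :[ERROR] 3 sophos__scanfile: unable to sweep file [0x0004021e]
# \s+ between tokens so entries still match when a paste wraps them mid-entry.
ENTRY = re.compile(
    r"(\d{4}-\d{2}-\d{2})\s+(\d{2}:\d{2}:\d{2})Z\s+:\[ERROR\]\s+(\d+)\s+"
    r"sophos__scanfile:\s+unable\s+to\s+sweep\s+file\s+\[(0x[0-9a-fA-F]+)\]"
)

def sweep_failures(text):
    """Return [(utc_time, slot, code)] in log order.

    Matches over the whole text rather than line by line, because forum
    pastes often run many entries together on one line. `slot` is the integer
    after [ERROR]; the thread does not say what it means (assumed name).
    """
    events = []
    for date, clock, slot, code in ENTRY.findall(text):
        ts = datetime.strptime(f"{date} {clock}", "%Y-%m-%d %H:%M:%S")
        events.append((ts.replace(tzinfo=timezone.utc), int(slot), code.lower()))
    return events

def summarize(text, checked_at):
    """First/last failure, counts per code and per minute, and quiet time."""
    events = sweep_failures(text)
    if not events:
        return None
    times = [e[0] for e in events]
    return {
        "count": len(events),
        "first": min(times),
        "last": max(times),
        "codes": Counter(e[2] for e in events),
        "per_minute": Counter(t.strftime("%Y-%m-%d %H:%M") for t in times),
        "quiet_for": checked_at - max(times),  # time since the last failure
    }

# Last four entries of the excerpt; the wraps and trailing prompt mimic the paste.
SAMPLE = (
    "2022-10-08 04:55:27Z :[ERROR] 0 sophos__scanfile: unable to sweep file [0x0004021e] "
    "2022-10-08 04:55:30Z :[ERROR] 1 sophos__scanfile: unable to sweep file \n"
    "[0x0004021e] 2022-10-08 04:55:30Z :[ERROR] 2 sophos__scanfile: unable to sweep file "
    "[0x0004021e] 2022-10-08 04:55:33Z :[ERROR] 3 \nsophos__scanfile: unable to sweep file "
    "[0x0004021e] SFVH_VM01_SFOS 19.0.1 MR-1-Build365#"
)
CHECKED_AT = datetime(2022, 10, 10, 16, 30, tzinfo=timezone.utc)  # constructed

if __name__ == "__main__":
    print(summarize(SAMPLE, CHECKED_AT))
```

A long `quiet_for` only shows the errors stopped in this log; whether requests are still being blocked has to be confirmed separately, as the reply asks.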