
Question: is it possible that since 09.02.2022 8:00 no pattern / Antivir updates work anymore?

In my log of the UTM the following can be found:

2022:02:09-01:00:08 home audld[10394]: id="3707" severity="info" sys="system" sub="up2date" name="Successfully synchronized fileset" status="success" action="download" package="avira4"
2022:02:09-01:00:09 home auisys[10543]: no HA system or cluster node
2022:02:09-01:00:09 home auisys[10543]: waiting for db_verify to return (30 seconds max)
2022:02:09-01:00:11 home auisys[10543]: not cleaning /var/up2date/sys-install in --nosys mode
2022:02:09-01:00:11 home auisys[10543]: removing '/var/up2date/appctrl43-install'
2022:02:09-01:00:11 home auisys[10543]: removing '/var/up2date/aptp-install'
2022:02:09-01:00:11 home auisys[10543]: removing '/var/up2date/avira4-install'
2022:02:09-01:00:11 home auisys[10543]: removing '/var/up2date/aws-install'
2022:02:09-01:00:11 home auisys[10543]: removing '/var/up2date/cadata-install'
2022:02:09-01:00:11 home auisys[10543]: removing '/var/up2date/clvbrowser-install'
2022:02:09-01:00:11 home auisys[10543]: removing '/var/up2date/geoip-install'
2022:02:09-01:00:11 home auisys[10543]: removing '/var/up2date/geoipxtipv6-install'
2022:02:09-01:00:11 home auisys[10543]: removing '/var/up2date/ipsbundle2-install'
2022:02:09-01:00:11 home auisys[10543]: removing '/var/up2date/man9-install'
2022:02:09-01:00:11 home auisys[10543]: removing '/var/up2date/ohelp9-install'
2022:02:09-01:00:11 home auisys[10543]: removing '/var/up2date/sasi-install'
2022:02:09-01:00:11 home auisys[10543]: removing '/var/up2date/savi-install'
2022:02:09-01:00:11 home auisys[10543]: Starting Up2Date Package Installer
2022:02:09-01:00:11 home auisys[10543]: No suitable packages of type <man9> found, skipping
2022:02:09-01:00:11 home auisys[10543]: No suitable packages of type <aws> found, skipping
2022:02:09-01:00:11 home auisys[10543]: No suitable packages of type <clvbrowser> found, skipping
2022:02:09-01:00:11 home auisys[10543]: No suitable packages of type <appctrl43> found, skipping
2022:02:09-01:00:11 home auisys[10543]: No suitable packages of type <ohelp9> found, skipping
2022:02:09-01:00:11 home auisys[10543]: No suitable packages of type <geoipxtipv6> found, skipping
2022:02:09-01:00:11 home auisys[10543]: No suitable packages of type <aptp> found, skipping
2022:02:09-01:00:11 home auisys[10543]: No suitable packages of type <cadata> found, skipping
2022:02:09-01:00:11 home auisys[10543]: No suitable packages of type <geoip> found, skipping
2022:02:09-01:00:11 home auisys[10543]: No suitable packages of type <ipsbundle2> found, skipping
2022:02:09-01:00:11 home auisys[10543]: No suitable packages of type <sasi> found, skipping
2022:02:09-01:00:11 home auisys[10543]: No suitable packages of type <savi> found, skipping
2022:02:09-01:00:11 home auisys[10543]: Install u2d packages <avira4>
2022:02:09-01:00:11 home auisys[10543]: Starting installing up2date packages for type 'avira4'
2022:02:09-01:00:11 home auisys[10543]: Installing up2date package: /var/up2date/avira4/u2d-avira4-9.19140-19141.patch.tgz.gpg
2022:02:09-01:00:11 home auisys[10543]: Verifying up2date package signature
2022:02:09-01:00:11 home auisys[10543]: Unpacking installation instructions
2022:02:09-01:00:11 home auisys[10543]: parsing installation instructions
2022:02:09-01:00:11 home auisys[10543]: This is a patch. Setting required_version to 9.19140
2022:02:09-01:00:11 home auisys[10543]: Unpacking up2date package container
2022:02:09-01:00:11 home auisys[10543]: Running pre-installation checks
2022:02:09-01:00:12 home auisys[10543]: Starting up2date package installation
2022:02:09-01:00:55 home auisys[10543]: Still waiting for process 'sync' (pid=10663, timeout 8388607 seconds, 8388577 remaining)
2022:02:09-01:01:21 home auisys[10543]: id="371Z" severity="info" sys="system" sub="up2date" name="Successfully installed Up2Date package" status="success" action="install" package_version="9.19141" package="avira4"
2022:02:09-01:01:21 home auisys[10543]: [INFO-306] New Pattern Up2Dates installed
2022:02:09-01:01:22 home auisys[10543]: Up2Date Package Installer finished, exiting
2022:02:09-01:01:22 home auisys[10543]: id="3716" severity="info" sys="system" sub="up2date" name="



Since 09.02.2022 approx. 8:00 o'clock there are no more new pattern updates or virus patterns. Is this a local problem for us or do others have the same problem?

2022:02:09-08:30:02 home audld[21719]: no HA system or cluster node
2022:02:09-08:30:03 home audld[21719]: patch up2date possible
2022:02:09-08:30:03 home audld[21719]: Starting Secured Up2Date Package Downloader
2022:02:09-08:30:05 home audld[21719]: Secured Up2date Authentication
2022:02:09-08:30:07 home audld[21719]: id="3701" severity="info" sys="system" sub="up2date" name="Authentication


Regards George


  • Hello again. I should have been more precise about this.

    The Sophos installation is a virtual single server. The firmware version is 9.709-3 and the pattern is on 206806.

    Since 09.02.2020 8am, no virus patterns for either the Avira engine or the Sophos engine have come in.


    In the log it looks more normal when the update service is working correctly, even if there are no patterns available.

    up2date log

    2022:02:10-19:40:09 home auisys[30385]: Starting Up2Date Package Installer
    2022:02:10-19:40:09 home auisys[30385]: No suitable packages of type <man9> found, skipping
    2022:02:10-19:40:09 home auisys[30385]: No suitable packages of type <aws> found, skipping
    2022:02:10-19:40:09 home auisys[30385]: No suitable packages of type <clvbrowser> found, skipping
    2022:02:10-19:40:09 home auisys[30385]: No suitable packages of type <avira4> found, skipping
    2022:02:10-19:40:09 home auisys[30385]: No suitable packages of type <appctrl43> found, skipping
    2022:02:10-19:40:09 home auisys[30385]: No suitable packages of type <ohelp9> found, skipping
    2022:02:10-19:40:09 home auisys[30385]: No suitable packages of type <geoipxtipv6> found, skipping
    2022:02:10-19:40:09 home auisys[30385]: No suitable packages of type <aptp> found, skipping
    2022:02:10-19:40:09 home auisys[30385]: No suitable packages of type <cadata> found, skipping
    2022:02:10-19:40:09 home auisys[30385]: No suitable packages of type <geoip> found, skipping
    2022:02:10-19:40:09 home auisys[30385]: No suitable packages of type <ipsbundle2> found, skipping
    2022:02:10-19:40:09 home auisys[30385]: No suitable packages of type <sasi> found, skipping


    The situation was until about 18:00 in the evening:

    up2date log

    2022:02:10-16:10:02 home audld[2943]: Starting Secured Up2Date Package Downloader
    2022:02:10-16:10:04 home audld[2943]: Secured Up2date Authentication
    2022:02:10-16:10:06 home audld[2943]: id="3701" severity="info" sys="system" sub="up2date" name="Authentication successful"
    2022:02:10-16:25:01 home audld[4895]: no HA system or cluster node
    2022:02:10-16:25:02 home audld[4895]: patch up2date possible


    The situation was until about 18:00 in the evening: 

    Firewall sent mail:

    New Pattern Up2Dates have been installed. The current pattern version
    is now 9.544.
            
    --
    System Uptime      : 0 days 6 hours 32 minutes
    System Load        : 0.68
    System Version     : Sophos UTM 9.709-3

    Please refer to the manual for detailed instructions.

    up2date log
    2022:02:10-18:40:02 home audld[21863]: no HA system or cluster node
    2022:02:10-18:40:04 home audld[21863]: patch up2date possible
    2022:02:10-18:40:04 home audld[21863]: Starting Secured Up2Date Package Downloader
    2022:02:10-18:40:07 home audld[21863]: Secured Up2date Authentication
    2022:02:10-18:40:09 home audld[21863]: id="3701" severity="info" sys="system" sub="up2date" name="Authentication successful"
    2022:02:10-18:40:11 home audld[21863]: id="3707" severity="info" sys="system" sub="up2date" name="Successfully synchronized fileset" status="success" action="download" package="ipsbundle2"
    2022:02:10-18:40:12 home auisys[21966]: no HA system or cluster node
    2022:02:10-18:40:12 home auisys[21966]: waiting for db_verify to return (30 seconds max)
    2022:02:10-18:40:14 home auisys[21966]: not cleaning /var/up2date/sys-install in --nosys mode
    2022:02:10-18:40:14 home auisys[21966]: removing '/var/up2date/appctrl43-install'
    2022:02:10-18:40:14 home auisys[21966]: removing '/var/up2date/aptp-install'
    2022:02:10-18:40:14 home auisys[21966]: removing '/var/up2date/avira4-install'
    2022:02:10-18:40:14 home auisys[21966]: removing '/var/up2date/aws-install'
    2022:02:10-18:40:14 home auisys[21966]: removing '/var/up2date/cadata-install'
    2022:02:10-18:40:15 home auisys[21966]: removing '/var/up2date/clvbrowser-install'
    2022:02:10-18:40:15 home auisys[21966]: removing '/var/up2date/geoip-install'
    2022:02:10-18:40:15 home auisys[21966]: removing '/var/up2date/geoipxtipv6-install'
    2022:02:10-18:40:15 home auisys[21966]: removing '/var/up2date/ipsbundle2-install'
    2022:02:10-18:40:15 home auisys[21966]: removing '/var/up2date/man9-install'
    2022:02:10-18:40:15 home auisys[21966]: removing '/var/up2date/ohelp9-install'
    2022:02:10-18:40:15 home auisys[21966]: removing '/var/up2date/sasi-install'
    2022:02:10-18:40:15 home auisys[21966]: removing '/var/up2date/savi-install'
    2022:02:10-18:40:15 home auisys[21966]: Starting Up2Date Package Installer
    2022:02:10-18:40:15 home auisys[21966]: No suitable packages of type <man9> found, skipping
    2022:02:10-18:40:15 home auisys[21966]: No suitable packages of type <aws> found, skipping
    2022:02:10-18:40:15 home auisys[21966]: No suitable packages of type <clvbrowser> found, skipping
    2022:02:10-18:40:15 home auisys[21966]: No suitable packages of type <avira4> found, skipping
    2022:02:10-18:40:15 home auisys[21966]: No suitable packages of type <appctrl43> found, skipping
    2022:02:10-18:40:15 home auisys[21966]: No suitable packages of type <ohelp9> found, skipping
    2022:02:10-18:40:15 home auisys[21966]: No suitable packages of type <geoipxtipv6> found, skipping
    2022:02:10-18:40:15 home auisys[21966]: No suitable packages of type <aptp> found, skipping
    2022:02:10-18:40:15 home auisys[21966]: No suitable packages of type <cadata> found, skipping
    2022:02:10-18:40:15 home auisys[21966]: No suitable packages of type <geoip> found, skipping
    2022:02:10-18:40:15 home auisys[21966]: No suitable packages of type <sasi> found, skipping
    2022:02:10-18:40:15 home auisys[21966]: No suitable packages of type <savi> found, skipping
    2022:02:10-18:40:15 home auisys[21966]: Install u2d packages <ipsbundle2>
    2022:02:10-18:40:15 home auisys[21966]: Starting installing up2date packages for type 'ipsbundle2'
    2022:02:10-18:40:15 home auisys[21966]: Installing up2date package: /var/up2date/ipsbundle2/u2d-ipsbundle2-9.544.tgz.gpg
    2022:02:10-18:40:15 home auisys[21966]: Verifying up2date package signature
    2022:02:10-18:40:16 home auisys[21966]: Unpacking installation instructions
    2022:02:10-18:40:16 home auisys[21966]: parsing installation instructions
    2022:02:10-18:40:16 home auisys[21966]: Unpacking up2date package container
    2022:02:10-18:40:16 home auisys[21966]: Running pre-installation checks
    2022:02:10-18:40:17 home auisys[21966]: Starting up2date package installation
    2022:02:10-18:40:41 home auisys[21966]: id="371Z" severity="info" sys="system" sub="up2date" name="Successfully installed Up2Date package" status="success" action="install" package_version="9.544" package="ipsbundle2"
    2022:02:10-18:40:41 home auisys[21966]: [INFO-306] New Pattern Up2Dates installed

    I will continue to keep an eye on the Up2date and report if there is a change.

    Best regards

    George


  • So as I edited my post, I indicated this appeared normal and have seen this in Up2Date.

    You should check the logs specific for 'savi' and see when that was last updated in your Up2Date log for today.  The number won't necessarily change when there is an AV update.

    OPNSense 64-bit | Intel Xeon 4-core v3 1225 3.20Ghz
    16GB Memory | 500GB SSD HDD | ATT Fiber 1GB
    (Former Sophos UTM Veteran, Former XG Rookie)
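
One way to carry out the per-package check suggested in the post above, as an added example that is not part of the original post and not Sophos code: parse the up2date log and report the last successful install for each package type. The sample lines are copied from the logs quoted in this thread; the function names and the 24-hour staleness threshold are assumptions.

```python
import re
from datetime import datetime, timedelta

# Sample lines copied from the up2date logs quoted in this thread (host "home").
SAMPLE_LOG = """\
2022:02:09-01:01:21 home auisys[10543]: id="371Z" severity="info" sys="system" sub="up2date" name="Successfully installed Up2Date package" status="success" action="install" package_version="9.19141" package="avira4"
2022:02:10-18:40:15 home auisys[21966]: No suitable packages of type <avira4> found, skipping
2022:02:10-18:40:15 home auisys[21966]: No suitable packages of type <savi> found, skipping
2022:02:10-18:40:41 home auisys[21966]: id="371Z" severity="info" sys="system" sub="up2date" name="Successfully installed Up2Date package" status="success" action="install" package_version="9.544" package="ipsbundle2"
"""

LINE_RE = re.compile(r'^(\d{4}:\d{2}:\d{2}-\d{2}:\d{2}:\d{2}) \S+ (\w+)\[\d+\]: (.*)$')
KV_RE = re.compile(r'(\w+)="([^"]*)"')
SKIP_RE = re.compile(r'No suitable packages of type <(\w+)> found')

def last_installs(log_text):
    """Return {package: (timestamp, version)} for the newest successful install.
    Package types only ever seen as 'skipping' map to None."""
    seen = {}
    for raw in log_text.splitlines():
        m = LINE_RE.match(raw.strip())
        if not m:
            continue  # not an up2date log line
        ts = datetime.strptime(m.group(1), "%Y:%m:%d-%H:%M:%S")
        msg = m.group(3)
        skip = SKIP_RE.search(msg)
        if skip:
            seen.setdefault(skip.group(1), None)
            continue
        kv = dict(KV_RE.findall(msg))  # truncated lines simply yield fewer keys
        if kv.get("action") == "install" and kv.get("status") == "success":
            pkg = kv.get("package")
            if pkg and (seen.get(pkg) is None or ts >= seen[pkg][0]):
                seen[pkg] = (ts, kv.get("package_version"))
    return seen

def stale_packages(installs, now, max_age=timedelta(hours=24)):
    """Package types with no successful install within max_age of `now`.
    The 24-hour default is an assumed threshold, not a vendor figure."""
    return sorted(p for p, v in installs.items() if v is None or now - v[0] > max_age)

if __name__ == "__main__":
    installs = last_installs(SAMPLE_LOG)
    now = datetime(2022, 2, 10, 19, 40, 9)  # time of the last installer run quoted above
    for pkg, info in sorted(installs.items()):
        print(pkg, info)
    print("stale:", stale_packages(installs, now))
```

Run against the full log file, this gives a per-engine "last updated" time that does not depend on the single pattern version number shown in the admin interface.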

  • The pattern version displayed on the admin page does not tell you if the pattern is up to date. If e.g. IPS is switched off in a UTM, there is no update for exactly these functions. The pattern version will have a different status than that of a firewall with IPS enabled. The question about the pattern version is therefore irrelevant if there is no information about which mechanisms are used in the firewall. By the way, the pattern version is also independent of the firmware, unless the update RPM check shows that there is a firmware version that has no RPM support for the corresponding firmware.

    Again to my question from the beginning: is there a problem with the pattern download, does Sophos still provide patterns for virus, IPS/IDS? - Yes, there was a problem with Sophos not delivering patterns at a certain point in time.

    At our customers and on our own Sophos, no patterns were loaded from a certain point this week, but yesterday around 8.00 in the evening Sophos provided patterns again.

  • Hello - Just curious if anybody found any additional information on this issue.  I'm still showing pattern version 206808 on all UTM even though the logs show successful package installs.  The pattern version remains the same running versions 9.707 and 9.709.

  • I'd say at this point, it's plausible.  I am on the same update pattern version.  It's happened before, and it will happen again I'm sure. ;)

    Can we get any Sophos Staff to check this for us please?  SAVI seems to be updating but the general pattern version seems to be stuck on 206808.

    OPNSense 64-bit | Intel Xeon 4-core v3 1225 3.20Ghz
    16GB Memory | 500GB SSD HDD | ATT Fiber 1GB
    (Former Sophos UTM Veteran, Former XG Rookie)