SInce I updated from 9.703 to 9.705 my Webserver protection is going nuts.
Hundreds of repeating entries like this:
Thank you for reaching out to the Community!
If there are recent core dump on your UTM, please create a support case at support.sophos.com for further investigation and PM me the support case number to help with the followup.
This is not a problem I've seen elsewhere here. Have you tried restoring the backup made just prior to Up2Dating from 9.703? If that doesn't work, does a reboot solve this?
Cheers - Bob
Hi Bob, thanks for your answer.
I was busy with other things the last days, but I will start to collect logs and dumps in the next days.
Reboot will help only for a couple of hours. I will try to restore the 9.703 backup.
Does a restore cleanup the antivirus engine files as well? I had a lot of crashing of cssd.
In rare situations, Edmund, an Up2Date will corrupt a configuration, hence the suggestion to try restoring the pre-Up2Date backup. If that doesn't work, a possible, rarer problem is an Up2Date "breaks" something that's not a part of the configuration backup, and the only solution I've seen is re-imaging from ISO and restoring a backup. I've successfully used WinSCP to get logs off a machine that was "broken" by the 9.702-2 Up2Date and then loaded them back onto the newly re-imaged machine.