Video Screencast Help
Symantec Appoints Michael A. Brown CEO. Learn more.

SEP Content Distribution Monitor (for GUP health-checking)

Created: 14 Jun 2010 • Updated: 25 Jul 2011 | 336 comments
GrahamA's picture
+51 51 Votes
Login to vote

UPDATED: New version now available that is compatible with SEP 12.1

After hearing customers mention they could benefit from increased visibility over the Group Update Providers that are active in their environment, as they are a critical part of their content infrastructure, the Symantec SEP product team have created a small utility to help customers address this need.

Its a v lightweight utility that must be run directly on a SEPM machine and will provide customers with a quick glance dashboard.

Warning: This is not an officially supported tool so it is use at own risk. That said, it is reading from the various data sources it accesses, not writing to them, so use of the tool is typically low risk, and customers that have used it so far have reported no negative side-effects.
Best Regards,
GrahamA.
 
Product Management
Symantec Corporation

Comments 336 CommentsJump to latest comment

pawan2230's picture

Can u please help wht table info i have to define in config.ini file

OLEDB_string=Provider=SQLOLEDB;Data Source=10.72.19.88\sepm;Initial Catalog=sem5;Integrated Security=SSPI
OLEDB_Username=sem5
OLEDB_Password=********

table_name_prepend= ?????????

 

-Pawan

0
Login to vote
yadagiri.kovi1's picture

GUP Distrubution monitoring tool installation steps required.

Kindly help anyone...

 

+1
Login to vote
thatdude's picture

I would love to have something like this for LU Admin 2.x. We use LU Admin on over 100 different locations to distribute content instead of GUP's.

+2
Login to vote
GrahamA's picture

We actually have created something similar for LUA in the past (a central way to monitor the data for LUA) but I would also like to talk to you about why and how you use LUA so see if we potentially have a better solution today. Just curious, can you explain the reason you don't use GUP instead? or can you send me a personal message (PM) in connect so we can discuss further?

Many thx.

GrahamA Product Management, Symantec Security Solutions

+1
Login to vote
Hear4U's picture

check it out here. 

https://www-secure.symantec.com/connect/videos/sep...

If you have suggestions for other videos, let us know and we can work toward creating them for you - we are "hear4u"...

Best,

Eric

check out the community at www.infoblox.com/community

0
Login to vote
jkuehner's picture

Anyone else getting this error?

0
Login to vote
jkuehner's picture

Runs fine at first.  It seems I get that after the IIS logs have collected a few hours of information.

0
Login to vote
GrahamA's picture

ah, interesting! thx for letting me know, it could be because the value grows higher than the variable can store. What value were you seeing that value grow to? You can hover the mouse over the number to the right of the 'Total' field in the middle widget to see the number? Sounds like I may need to change the variable to a large integer so it can store larger numbers, let me do that and post an updated version of the tool for Monday next week.

GrahamA Product Management, Symantec Security Solutions

0
Login to vote
MaRRuT@CC's picture

really nice to see a tool like this. I think alot of ppl thought about a possibility to have a more manageable overview about their gup's.

0
Login to vote
Didlex's picture

I get the same error message, I can't hover over the 'total' since there its not shown at all. This is running on a Windows 2008. Worked the first few times.

0
Login to vote
yadagiri.kovi1's picture

Iam getting same error. Not getting the data Virus/Spyware content download fro today showing Zero count

Please help me how to resolve the issue..

 

0
Login to vote
GrahamA's picture

I've reproduced the issue here by increasing my bw_used value to a very large number. I've made an update to the tool and verified it gets around this issue.

v2.3 is attached, for those that got the overflow issue, can you give it a go? many thx!

GrahamA Product Management, Symantec Security Solutions

0
Login to vote
Didlex's picture

Works like a dream for me now. Fantastic tool for us with lots of GUP's in low bandwidth environment. Looking forward to see it with more features integrated in SEPM.

0
Login to vote
GrahamA's picture

Great! glad to hear it.

GrahamA Product Management, Symantec Security Solutions

0
Login to vote
cable mite's picture

I wonder how many GUPs can be monitored?
We use several hundred GUPs. Let me download and see.....

------------------------------------------------------------
MR99 will fix it all.

0
Login to vote
DiscoveryTech's picture

Will this tool work with 11.0.5 or does it need 11.0.6a?

0
Login to vote
GrahamA's picture

Added some further updates:
- Added link to allow export of the GUP data to CSV file
- Client content downloads only register if they come with HTTP 200 (as opposed to 404, which can occur rarely)
- Added text alongside each of the menu buttons so they are easily understandable

Re how many GUPs the monitor can be used with, I've heard of customers use it with 100s, I'm not currently aware of any upper limit. Of course, as with any view which runs SQL queries in the background, the monitor will take longer to load the more data it needs to load.

The monitor works with GUPs that are running 11.0.5 or above.

For anyone who test drives the monitor further, pls let me know how you get on, all feedback appreciated.
 

GrahamA Product Management, Symantec Security Solutions

+1
Login to vote
GrahamA's picture

Added new menu option which allows you to run any custom SQL queries you wish against the SEPM database. I need to clean up this new feature further but the mechanism should work right now.

GrahamA Product Management, Symantec Security Solutions

+1
Login to vote
Didlex's picture

If I click yes or no, nothing happens. Configuration 2 SEPM on  Windows 2008 x64, with a shared SQL 2008.

0
Login to vote
GrahamA's picture

Assume you tried with v2.5 and still got this issue?
(I saw that error during development of the export feature but had resolved it, per my testing at least)

I only test in a certain number of environments myself so might not catch all considerations first time, therefore as and when you find issues or quirks, let me know and I'll do my best to address them.

For the script error you just got, I'll test now in an environment similar to the one you're using to see if I can reproduce the issue. Will keep you posted.

GrahamA Product Management, Symantec Security Solutions

0
Login to vote
GrahamA's picture

I think I may have found the issue that you hit.

If the sepm_path isn't set correctly, I get the same error.

I've now changed the temp csv file so it gets created in the %temp% directory instead.

Can you try again? I've posted a 2.6 version which has the fix to this page.

Thx!

GrahamA Product Management, Symantec Security Solutions

0
Login to vote
Didlex's picture

Export now works like a charm now.

I am not sure if I understand corretly why I should use it, but I am not able to use the SEPCDM to connect to two SEPM. (Local site). Please advice.

In the video you show that we could connect to more than one SEPM like this.

Two SEPM gives an error

SEPM_IISlogPath1=\\server01\c$\inetpub\logs\LogFiles\W3SVC2\
SEPM_IISlogPath2=\\server02\c$\inetpub\logs\LogFiles\W3SVC2\

One SEPM works fine:
SEPM_IISlogPath=\\server01\c$\inetpub\logs\LogFiles\W3SVC2\

I get an error message several times before I get to the SEPCDM.

Error message: SEP Content DistMon - SEPM IIS log path(s) specified in config.ini cannot  be reached. - Related data will not be available within the monitor.

I have of cource testet that the SEPCDM works on both of them alone.

0
Login to vote
GrahamA's picture

I made a minor error when recording the video.

In fact, the syntax for adding additional SEPMs should be:

SEPM1_IISlogPath=\\server01\c$\inetpub\logs\LogFiles\W3SVC2\
SEPM2_IISlogPath=\\server01\c$\inetpub\logs\LogFiles\W3SVC2\

Can you try that and see if it works?

For now, I'll update the config.ini examples to properly reflect this, and I'll then get the video updated asap also (prob next week at earliest though)

GrahamA Product Management, Symantec Security Solutions

0
Login to vote
zer0's picture

Slight correction...

SEPM1_IISlogPath=\\server01\c$\inetpub\logs\LogFiles\W3SVC2\
SEPM2_IISlogPath=\\server02\c$\inetpub\logs\LogFiles\W3SVC2\

0
Login to vote
GrahamA's picture

i updated readme, etc to reflect that

is it working for you now?

GrahamA Product Management, Symantec Security Solutions

0
Login to vote
Khue's picture

I had the script issue until I did 2 things:

  • Refrain from using folder paths that include spaces when running the .hta file.
  • Make sure that the IIS log file folder specification line included ...\W3SVC2\ directory. 
0
Login to vote
GrahamA's picture

yes, spaces in paths could cause problems potentially. I should update the readme to mention that. Thx for flagging it.

I also recently updated the video and readme to state the IISlog path should include \W3SVC2\

Thx for the feedback!

GrahamA Product Management, Symantec Security Solutions

0
Login to vote
zer0's picture

Nice work!!

Any spaces in the paths seems to create small issues.
How does this monitor actually determine whether a GUP is offline?
Is there a way to hard code proxy settings as my dashboard can't get out to the internet to see the latest symantec version?

0
Login to vote
GrahamA's picture

thx for the feedback

yep, spaces could cause an issue, I can update the code to make it possible to support spaces in the path name but for right now I'm just going to add a note to the readme to discourage spaces in log path name.

Re offline, this is based on the heartbeat of the SEP client the GUP is part of, so equivalent to the green dot appearing in the SEPM console for that specific SEP client. The status means the GUP (or more accurately, its SEP client) has not heartbeated successfully recently to the SEPM.

Re proxy, I already had a go at adding this functionality but it didnt work well so I removed it again. I need to do a little more research and testing before I'll get this working, but will add it asap (prob sometime over next few weeks).

GrahamA Product Management, Symantec Security Solutions

0
Login to vote
Khue's picture

In testing, I have a GUP and a client assigned to the 192.168.2.0/24 network. My production network exists at 192.168.1.0/24. The way I understood GUPs to work, is that they will only service their local subnet and when a client does not exist on the GUP's subnet, it defaults to the SEPM server. I just started using the SEPCDM (set it up yesterday) and this morning and I was startled to see that total bandwidth was 1884 mb and the Total being 141 client downloads (24 deltas and 117 fulls). Am I missing something or is there possibly something I missed on setup of the CDM?

Edit: Ignore this. I see that the values I am viewing are for the total content process. I can see through the IIS logs that the machines that are downloading the content are directly downloading from the SEPM server. The one machine that is not downloading from the SEPM server is not in the logs at all yet, is currently up to date. I also see the GUP requesting the delta files that the client using the GUP requires.

0
Login to vote
GrahamA's picture

How many GUPs do you have running? The total includes the GUPs themselves, and consider each GUP will likely download 3+ times a day depending on the content clients request of the GUP.

We'd need to verify aspects of your configuration such as:
- How many content revisions does your SEPM store? (admin > servers > site > props > liveupdate) this should be set to 21 days a minimum
- How is your GUP configured (for single or multiple GUP config)? Are all your SEP clients running 11.0.5 or later

Enter the IP of the GUP into the search box within the monitor and click search, see how many times that machine has downloaded content. If it does not account for the majority of the total downloads, then the GUP configuration assigned to your SEP clietns could be wrong.

GrahamA Product Management, Symantec Security Solutions

0
Login to vote
GrahamA's picture

How many SEP clients on your 192.168.1.0/24 network? Do you have a GUP active on that network too?

In the search box of the monitor, you can enter a network to see how many requests came from that network, for example enter 192.168.1.0.

If you see most requests from 192.168.1.0, do you have a GUP present there? If yes, open the IIS logs and investigate which IPs are causing most of the downloa requests.

GrahamA Product Management, Symantec Security Solutions

0
Login to vote
Khue's picture

Ah I see. This issue is resolved. Thanks for the help Graham. Upon reviewing the IIS logs I realized what the behavior I observed was about. Thanks again.

0
Login to vote
zer0's picture

Graham,

I just noticed that if any single SEP client has a newer definition than the servers and GUP's it throws everything off.
I only have the SEPM's getting one definition a day.

EG.

SEPM - 01/01/10
GUP's - 01/01/10
SEP client manually update to 02/01/10

I am not sure where you pull the most recent SEPM def date from but that single client seems to reset everything.
The GUP monitor now lists the most recent SEPM version as 02/01/10 and then marks all the GUP's in red as being out of date

0
Login to vote
GrahamA's picture

I'm reading latest available content from the SEPM database. Sounds like i need to refine the query to account for this scenario. I'll look into doing that over the next week or so.

GrahamA Product Management, Symantec Security Solutions

0
Login to vote
zer0's picture

I also noticed another cosmetic glitch and that is related to the monitor displaying IPS definitions as being outdated on a GUP even though it doesn't have NTP installed.
It did, however have NTP installed in the past so I am assuming it is just leftover from that previously registered DB entry.

It bugs me though as it is the only red entry...haha!

I will have way more feedback moving forward as I am expecting to have 1000's of GUP's as soon as this deployment really kicks into gear!!

0
Login to vote
.Brian's picture

I'm getting this error:

And I believe it's because during "STEP 2 CONFIGURE THE SEPM DATABASE CONNECTION" I attempt to follow the steps but when trying to setup ODBC, SymantecEndpointSecurityDSN does not exist after I select System DSN tab. I'm not sure how to configure for OLEDB but will look into it. I'm not very saavy in this dept. wink

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

0
Login to vote
GrahamA's picture

Hi Brian81, I'd recommend you first try to run the tool from the SEPM machine itself, as the ODBC connection is more likely to be present.

is it a 64bit OS per chance? If so, see http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2008021900094548.

Is the SEPM database local on the machine you are on, or is it remote?

If you can provide some of the above info, I'll try to help you get the right options entered.

 

GrahamA Product Management, Symantec Security Solutions

+1
Login to vote
.Brian's picture

Hi Graham,

I was trying to run it remotely from my PC, but I will try from the SEPM

It is a 64bit OS. I will check the KB article you posted.

The SQL DB is on a remote box

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

0
Login to vote
GrahamA's picture

Try it first on the SEPM, if it works, you can also get it to work from remote PC, but need to ensure you first successfully setup the database connection. You'd have the same challenge if trying to run a SEPM remotely from the database machine. Any communication to the database machine will remote a successful database connection setup first.

Let me know how you get on.

GrahamA Product Management, Symantec Security Solutions

0
Login to vote
.Brian's picture

Hi Graham,

Followed the article you posted and ran from SEPM. All is looking good now. Thanks for the help, much appreciated.

Brian

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

0
Login to vote
Ren's picture

getting the same error..

running the tool directly on SEPM, WinSrv2003Std 32bit, using SQL DB. ODBC configured properly. Tool works on another account session (with admin rights). What to troubleshoot?

0
Login to vote
Rodrigo Benedik's picture

I'm having a problem when i open the tool that say it's not possible to access the IIS logs path, and I've tested the path is correct and I'm able to access also i've moved the IIS logs to another folder to test and still the same error when i open.
I don't know if the problem is because I'm using the windows 2008 r2 64bits???  and insade of the tool when i click to the IIS logs i can see the logs but the problem appear only when open the tool.

Thanks!!!

Rodrigo Benedik

0
Login to vote
GrahamA's picture

It could be because of the OS, I'll test on this speicific platform to see if the behavior is any different.

There is a difference between the logic used in the background when you click the link to open the logs, and when the tool launches and the IIS logs get searched.

Can you copy and paste the IIS log section of your config.ini here so I can check it out? Is that the exact location of the *.log files (i.e. the path you enter will typically include W2SVC2 or W2SVC1 and should end with a backslash)

Thx.

GrahamA Product Management, Symantec Security Solutions

0
Login to vote
Rodrigo Benedik's picture

GrahamA,

My IIS logs location
SEPM1_IISlogPath=\\localhost\c$\inetpub\logs\LogFiles\W3SVC1\
SEPM2_IISlogPath=\\192.168.0.20\c$\inetpub\logs\LogFiles\W3SVC1\

I got a second console working as failover, however I tryed to put only my localhost console and i had the same problem....

Thx,  for the help!!!

Rodrigo Benedik

0
Login to vote
GrahamA's picture

Quick update:

I setup the monitor on 2008 r2 x64 and believe I found the reason you hit that issue, i can reproduce the behaviour you describe and can see how to fix it. I'll post a new version with the fix later this week.

Thx again for letting me know about it!

GrahamA Product Management, Symantec Security Solutions

0
Login to vote
GrahamA's picture

Actually, the fix for the 2008 r2 x64 issue turned out to be easier than expected, so have fixed and verified the fix on my test 2008 r2 x64 system.

Have a go, and let me know if it works ok for you now too.

Thx

GrahamA Product Management, Symantec Security Solutions

0
Login to vote
wenhamp's picture

I had an error when running the program on Windows Server 2008 R2 (64Bit) that relating to not being able to read my IISLog path. On investigating it would appear the Parse conig file routine in the HTA was returning true for
if instr(1, line, "ISSlogPath") > 0
when it was parsing the comment in the ini file; as a result the specified path in the ini was not being used. I simply removed the commented line however you may wish to review that routine to eliminate the false positive?

Thanks for the tool

0
Login to vote
GrahamA's picture

I think I recently found and fixed the issues you describe. Can you verify, if you get some time, whether the issues are fixed in v2.9?
(which is now available via this web page up above)

GrahamA Product Management, Symantec Security Solutions

0
Login to vote
Rodrigo Benedik's picture

Thanks for the great work.... for is working fine.

Rodrigo Benedik

0
Login to vote
JustNetGuy's picture

This is a great tool thanks... Now -question-  will it be rolled into protection center?  I think this is a metric that would be of great value to pulling data we are about out of the 30,000 foot view of our worlds.

0
Login to vote
GrahamA's picture

 don't be too surprised if you see that happen ;-)

GrahamA Product Management, Symantec Security Solutions

0
Login to vote
Khue's picture

Just fyi, check this out. It may be useful to others. 

0
Login to vote
GrahamA's picture

I had that sort of functionality (bandwidth counter) in the code already in the background. I've now integrated it so the results are clear to the user and when you search for an IP or network, you also get details on the bandwidth used by the matching group of IPs.

I'm now working on adding the functionality whereby the tool can distinguish between clients and GUPs (using the sample code you very kindly provided).

Thx again for your help with that!

Keep the ideas coming :-) At this stage there are 2 features in the tool which have either been submitted by people in the community. I encourage anyone to get involved! Right-click on the tool user interface, and select 'view source'. If you are familiar with VBscript, feel free to contribute!

GrahamA Product Management, Symantec Security Solutions

0
Login to vote
Khue's picture

That's excellent. Thats exactly what I had pictured. If I type in the ip addy of the gup, I can see how much work it did for that specific day up until that time. That's a huge help. I would primarily use this if one of my facilities contacted us and they stated that they were having network issues. I am currently using the beta, if I find anything I'll post.

0
Login to vote
postechgeek's picture

I have a question about the IIS logs. Looking at my logs, I'm not seeing any data. I should be seeing requests for the full.zip and delta files, I followed the video and made sure logging was checked on the content virtual directory in IIS. What am I missing?

Thanks,
Mike

0
Login to vote
GrahamA's picture

There are also more generic IIS logs written for the default website and HTTPERR.

If it is a Windows 2003 based machine, check the following: via the IIS manager, right-click on Symantec Web Server, then click Properties, when the dialog opens, click Properties again, you should see the path where the logs for this website are going. Open this path and view the contained log files, you should see entries in there for *.dax and/or full.zip

If it is a Windows 2008 based machine, the interface is different but same principals apply, the following URL may be useful: http://technet.microsoft.com/en-us/library/cc732079(WS.10).aspx

GrahamA Product Management, Symantec Security Solutions

+1
Login to vote
postechgeek's picture

Thanks for the response. I checked this morning, and the logs are there and the info in the tool as well. I am guessing that when I turned on logging yesterday the clients were updated, and no need for content.

Mike

0
Login to vote
GrahamA's picture

Someone reported that if a specific SEP client gets a newer AV/AS def than that which the SEPM has, it can skew the monitor status, since the SEPM def date via the monitor then appears wrong.

Took me a little while to figure it out but I have found the cause and fixed it, so it should work reliably now for both AV/AS and IPS.

v3.2 posted with this update.

GrahamA Product Management, Symantec Security Solutions

0
Login to vote
zer0's picture

That was me.

Now, I am wondering how you are getting the IPS def date for the GUP's?
Mine are all over the place and are appearing red even though pretty much all my SEP clients are up to date.

The latest defs available from Symantec are SU 160 and are dated as follows:

  • 64-bit - 20100706.003
  • 32-bit - 20100706.002

Dist monitor lists 2010-07-06 rev. 003 as the most recent SEPM version
My GUP's are all listed as the 5th, 6th rev 01, 02 and classed as out of date and highlighted red.

0
Login to vote
norman's picture

I fell foul of the hta script parsing the examples in the config.ini and producing an unreachable path for the IIS logs.  Removing those cured the problem - as described by someone else in this thread.  Perhaps the examples could be all contained in the readme.txt and leave the config.ini for active setings only. 

Very useful tool - thanks

0
Login to vote
GrahamA's picture

Thx.

I updated the config file a few revisions ago so that wouldnt happen, if you use an old config file through it could happen.

It shouldnt happen with the latest ones.

GrahamA Product Management, Symantec Security Solutions

0
Login to vote
norman's picture

I think I may be using an older one - I will dowload again.  In any case, it was not a huge problem.

0
Login to vote
postechgeek's picture

Would it be possible to click on a GUP and see high level stats on the clients in its group? It would be nice to see what clients are being updated currently per GUP, what defintion level they are at, and bandwidth used per client. When I go over the IIS logs, I see the clients in the data center getting their updates from the SEPM which is correct, but then I only see updates to the GUPs not indvidual clients in those groups.

Thanks,
Mike

0
Login to vote
GrahamA's picture

- added content update percentages for GUP and Clients
- reformatted Symantec website def format, so now SEPM def ver will highlight if older than Symantec website def
- minor code cleanup and bug fixes
- updated SQL queries in diagnostics directory

GrahamA Product Management, Symantec Security Solutions

0
Login to vote
Khue's picture

ODBC error in 3.4 beta.

Line 1460
Char 10
Error:[Sybase][ODBC Driver][Adaptive Server Anywhere]Procedure 'Len' not found
Code: 0
URL: File:<filepath>/SEP_Content_DistMonitor.hta

Do you want ot continue running scripts on this page?
[Yes][No]

0
Login to vote
pebcak's picture

Getting this same issue.

2008 R2 64-bit
SEPM 6.0a
Embedded DB
SEP Content Monitor 3.4 beta

Senior Consultant @ Creative Breakthroughs, Inc. a Symantec Platinum Partner

http://www.cbihome.com/

0
Login to vote
Khue's picture

I can fix this error. Open the HTA file and find line 1456. You can do this in any text editor. Replace the 2 instances of 'len' with 'length,' which is the SQL Anywhere equivalent call. So like this:

1456: sql_ByNetwork = "select top 3 count(*) as 'Num of online clients', left(IP_ADDR1_TEXT,Len(IP_ADDR1_TEXT)-CHARINDEX('.',Reverse(IP_ADDR1_TEXT))) as Network from SEM_AGENT as SA LEFT OUTER JOIN PATTERN PAT ON SA.PATTERN_IDX=PAT.PATTERN_IDX LEFT OUTER JOIN V_SEM_COMPUTER as COMP ON SA.COMPUTER_ID = COMP.COMPUTER_ID LEFT OUTER JOIN IDENTITY_MAP as ID_MAP ON ID_MAP.ID = SA.GROUP_ID where SA.AP_ONOFF!=2 and SA.DELETED='0' and MAJOR_VERSION != '5' and SA.AGENT_TYPE='105' and SA.STATUS='1' and (PAT.VERSION is NULL or PAT.VERSION < (SELECT VALUE as LatestAVAS from GUIPARMS with (NOLOCK) where PARAMETER in ('latest_av_defs'))) group by left(IP_ADDR1_TEXT,Len(IP_ADDR1_TEXT)-CHARINDEX('.',Reverse(IP_ADDR1_TEXT)));"

Change it to this:
1456: sql_ByNetwork = "select top 3 count(*) as 'Num of online clients', left(IP_ADDR1_TEXT,Length(IP_ADDR1_TEXT)-CHARINDEX('.',Reverse(IP_ADDR1_TEXT))) as Network from SEM_AGENT as SA LEFT OUTER JOIN PATTERN PAT ON SA.PATTERN_IDX=PAT.PATTERN_IDX LEFT OUTER JOIN V_SEM_COMPUTER as COMP ON SA.COMPUTER_ID = COMP.COMPUTER_ID LEFT OUTER JOIN IDENTITY_MAP as ID_MAP ON ID_MAP.ID = SA.GROUP_ID where SA.AP_ONOFF!=2 and SA.DELETED='0' and MAJOR_VERSION != '5' and SA.AGENT_TYPE='105' and SA.STATUS='1' and (PAT.VERSION is NULL or PAT.VERSION < (SELECT VALUE as LatestAVAS from GUIPARMS with (NOLOCK) where PARAMETER in ('latest_av_defs'))) group by left(IP_ADDR1_TEXT,Length(IP_ADDR1_TEXT)-CHARINDEX('.',Reverse(IP_ADDR1_TEXT)));"

You should then run into a second problem. The function "Reverse" doesn't seem to work in this version of SQL Anywhere. I think this is version 9.0 of SQL Anywhere. Apparently the code is there to use a "Reverse" call but I can't seem to find it. I've tried both "Rev" and "REVERSE."

0
Login to vote
Khue's picture

Update: If you actually drop the Reverse function, the code works without error but it may not be working as intended. So example:

1456: sql_ByNetwork = "select top 3 count(*) as 'Num of online clients', left(IP_ADDR1_TEXT,Length(IP_ADDR1_TEXT)-CHARINDEX('.',Reverse(IP_ADDR1_TEXT))) 

Change to:

1456: sql_ByNetwork = "select top 3 count(*) as 'Num of online clients', left(IP_ADDR1_TEXT,Length(IP_ADDR1_TEXT)-CHARINDEX('.',IP_ADDR1_TEXT)) 

Do the same for all instances of the Reverse call. This will at least get rid of the error message and allow the code to continue functioning as normal without having to repeatedly acknowledge the error and proceed processing scripts on that page. 

0
Login to vote
GrahamA's picture

Last week, I actually since worked out the lenght/len thing myself too.

My challenge now is on the reverse function, which only seems to work with MS-SQL. I'll contact you offlist to see if you can help me find a creative solution to get around that. Reverse (or equivlant) is needed, to ensure the IP network is extracted reliably from the IP.

All, I plan to post an updated version toward the end of this week.

GrahamA Product Management, Symantec Security Solutions

0
Login to vote
GrahamA's picture

Tomorrow, I will test on embedded DB and see if I can replace the procedure with one that is friendly for that database type also..

GrahamA Product Management, Symantec Security Solutions

0
Login to vote
pebcak's picture

Thank you.  Great tool.  So think the problem is the embedded DB?  All of the assumptions with this tool is looking at MS SQL server?

Senior Consultant @ Creative Breakthroughs, Inc. a Symantec Platinum Partner

http://www.cbihome.com/

0
Login to vote
GrahamA's picture

i added some new features in the v3.4 that it turns out, work with MS-SQL but not with the embedded DB. I'm working on resolving that. Expect a new version to be posted later this week.

GrahamA Product Management, Symantec Security Solutions

0
Login to vote
Khue's picture

No problem, everything else seems to be working fine. I have a group of Mac clients. Because of the nature of the updates that get done on Mac's it will most likely always show that this group is out of date for me for "Most out of date clients, by group." The liveupdate servers usually are a day behind the SEPM update system. Just something for others to keep in mind if they have a similarly configured structure.

0
Login to vote
.Brian's picture

Is there a config setting to configure for proxies? We are behind a proxy so I can't see Symantec's latest content versions. Just shows as "failed to connect'

Not a big deal but was wondering.

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

0
Login to vote
zer0's picture

Did you get a chance to look into the IPS definition post I made a few days ago??
I still have some GUP's showing IPS defs, then others saying it is not installed

It also appears the Online, running latest IPS status is broken in 3.4 as mine is stuck on 7% but the SEPM reports shows everything is 98% or so.

cheers

Z

0
Login to vote
pebcak's picture

Would it be possible to put this under the default web site on the SEPM and be able to run remotely through a browser?

Senior Consultant @ Creative Breakthroughs, Inc. a Symantec Platinum Partner

http://www.cbihome.com/

0
Login to vote
kristopherjturner's picture

hello,  using the 3.4 beta in on a test server I get a Script Error that pops up every time I try launching the console.

Windows 2008 Ent R2 64-bit

The error is:

Line:   1982
Char:  6
Error:  Overflow
Code: 0
URL:  file:///C:/Sep_Content_DistMonitor_v3.4/SEP_Conten...

0
Login to vote
Roozbeh's picture

Thanks... very useful tool.
But I have some minor problems remain:
Every time I start app on SEPM 11.0.6005, it prompts me these 2 messages:
1-

2-

0
Login to vote
Khue's picture
  1. I am not sure what the issue is with this error. That line in the code simply is a calculation of the number of clients that are out of date represented in a percentage format. I do notice that you are running the app from "Documents and Settings." Can you try to run it from some place without spaces (for example c:\SEPCDM\).
  2. This is a known issue. When GrahamA coded this, he used MSSQL or a version of Transact-SQL. When you use the embedded database, it uses Watcom-SQL which isn't 100% the same as Transact. Watcom-SQL (or whatever it's called SQL Anywhere is the app). I posted  earlier about this error so scroll up a bit and look for the "fix" that I posted.

Let me know how this goes.

0
Login to vote
kurt w's picture

hi

i get this on latest versions available

AV/AS failed to connect 2010-07-19 rev. 020
IPS failed to connect 2010-07-19 rev. 001
PTP failed to connect 2010-07-19 rev. 016
0
Login to vote
GrahamA's picture

The tool currently does not allow you to specify a proxy through which to get this data from the internet.

The tool will continue to work fine without this data, it is just one less useful piece of info you have present in the UI.

GrahamA Product Management, Symantec Security Solutions

0
Login to vote
kristopherjturner's picture

This is the error I get on both SEPM's I have.  Both are Windows 2008 Ent R2 64-bit systems.  Both databases are running on stand alone SQL servers.

0
Login to vote
kristopherjturner's picture

Mine seems to be working now. Hadn't added any GUP's to these systems yet.  Not sure if that is it.

0
Login to vote
zer0's picture

Just having an issue when clicking on the content load issue reports to show clients with low disk space or missing/corrupt content

I get a script error on line 929, char 5 - "object required ShowList"

I was also wondering if it was possible to get the list of GUP's sorted so that out of date ones are presented at the top?
I have 330 GUP's in there at the moment and have 1000+ to follow
Makes it a little hard to have to scroll through them all to see which ones are highlighted red.

The Distribution summary for clients running the latest IPS defs still seems to be off to me as well.
The dist monitor only shows 15% of my clients up to date, but I know for a fact that is more like 98% cheers Z

0
Login to vote
GrahamA's picture

You can click the filter icon on the op status titlebar, then you will just see the GUPs with out of date content or other issues

GrahamA Product Management, Symantec Security Solutions

0
Login to vote
LGL's picture

Hi,
When clicking the "click here" for retrieving listing in Potential content load issue i got just a blank result page in IE and also a blank notepad page. With blank I mean no clients is showing but in the monitor it shows 3 client with low disk space and 1 with missing or corupted content. Any idea of why?

When I like to view the delta files in "AV/AS downloads today from SEPM" i just end up in the "documents" folder on the server with no logfile? I got two SEPM contected and its open both of them. Any idea?
Im running Windows 2008 on the servers with an external 2008 SQL db.

I also miss the total amount of clients that you published in the earlier versions. Now I just can see the percent of the total in the statistic view. Maybe you can put in the total with an extra line?

Thanks // L

0
Login to vote
Banksy's picture

Hi Guys - firstly I would like to say that this looks to be a great tool and fills a current gap in our SEP-11 monitoring.

I downloaded the 3.4 Beta version and configured it as per the instructions and using OLEDB.  However, I am currently facing the following script issues;

Line: 1134
Char: 10
Error: Invalid object name 'GUIPARMS'
Code: 0
********
Line: 1397
Char: 10
Error: Invalid object name 'SEM_AGENT'
Code: 0
********
Line: 1460
Char: 10
Error: Invalid object name 'SEM_AGENT'
Code: 0
********
Line: 1527
Char: 10
Error: Invalid object name 'SEM_AGENT'
Code: 0
********
Line: 1662
Char: 10
Error: Invalid object name 'SEM_AGENT'
Code: 0
********
Line: 1982
Char: 6
Error: Overflow
Code: 0

No data is being displayed. 

Thanks for your help

0
Login to vote