Endpoint Protection

View Only

Back to discussions

Expand all | Collapse all

site stuck on 1/21/2011 defs

1. site stuck on 1/21/2011 defs

0 Recommend
Migration User
Posted Jan 25, 2011 08:03 AM

Reply Reply Privately
84 have yesterday's defs, 250 have last weeks defs.

Folks are getting alerts that definitions are out of date. The management servers are among those. I've disabled the alert for now to stop the phones from ringing, but I"m not sure what's up...

Here is the LU log - does this make sense?

January 25, 2011 6:43:28 AM CST: Failed to create a folder to which to publish the package [Site: IVRS-SEP01] [Server: Vxxxx2]
January 25, 2011 6:43:28 AM CST: PackageTask.updateIdcSetting has error. [Site: IVRS-SEP01] [Server: Vxxxx2]
January 25, 2011 6:39:25 AM CST: LiveUpdate succeeded. [Site: IVRS-SEP01] [Server: Vxxxx2]
January 25, 2011 6:39:25 AM CST: LUALL.EXE finished running. [Site: IVRS-SEP01] [Server: Vxxxx2]
January 25, 2011 6:39:25 AM CST: LiveUpdate will start next on Tuesday, January 25, 2011 7:39:25 AM CST on Vxxxx2. [Site: IVRS-SEP01] [Server: VRDSMSEPM2]
January 25, 2011 6:39:25 AM CST: LUALL.EXE successfully updated the content. Return code = 0. [Site: IVRS-SEP01] [Server: Vxxxx2]
2. RE: site stuck on 1/21/2011 defs

0 Recommend
Migration User
Posted Jan 25, 2011 08:11 AM

Reply Reply Privately
I manually ran LU for our site from the admin area, looks different now....... how much space does LU normally need? The drive was down to 1.5gig and I freed up about 800 meg.

January 25, 2011 7:07:23 AM CST: LiveUpdate retry succeeded. [Site: IVRS-SEP01] [Server: Vxxxx2]
January 25, 2011 7:07:23 AM CST: LUALL.EXE finished running. [Site: IVRS-SEP01] [Server: Vxxxx2]
January 25, 2011 7:07:23 AM CST: LUALL.EXE successfully updated the content. Return code = 0. [Site: IVRS-SEP01] [Server: Vxxxx2]
January 25, 2011 7:07:23 AM CST: Decomposer Win32 and Win64 11.0 is up-to-date.    [Site: IVRS-SEP01] [Server: Vxxxx1]
January 25, 2011 7:07:23 AM CST: Symantec Endpoint Protection Manager Content Catalog 11.0 is up-to-date.    [Site: IVRS-SEP01] [Server: Vxxxx1]
January 25, 2011 7:07:23 AM CST: TruScan proactive threat scan commercial application engine 11.0 is up-to-date.    [Site: IVRS-SEP01] [Server: Vxxxx1]
January 25, 2011 7:07:22 AM CST: Antivirus and antispyware definitions Win64 11.0 MicroDefsB.CurDefs was successfully updated. [Site: IVRS-SEP01] [Server: Vxxxx1]
January 25, 2011 7:07:17 AM CST: TruScan proactive threat scan engine Win32 11.0 is up-to-date.    [Site: IVRS-SEP01] [Server: Vxxxx2]
January 25, 2011 7:07:17 AM CST: TruScan proactive threat scan commercial application list Win32 11.0 is up-to-date.    [Site: IVRS-SEP01] [Server: Vxxxx2]
January 25, 2011 7:07:17 AM CST: TruScan proactive threat scan whitelist Win64 11.0 is up-to-date.    [Site: IVRS-SEP01] [Server: Vxxxx2]
January 25, 2011 7:07:17 AM CST: Intrusion Prevention signatures Win64 11.0 is up-to-date.    [Site: IVRS-SEP01] [Server: Vxxxx2]
January 25, 2011 7:07:17 AM CST: TruScan proactive threat scan engine Win64 11.0 is up-to-date.    [Site: IVRS-SEP01] [Server: Vxxxx2]
January 25, 2011 7:07:17 AM CST: Submission Control signatures 11.0 is up-to-date.    [Site: IVRS-SEP01] [Server: Vxxxx2]
January 25, 2011 7:07:17 AM CST: TruScan proactive threat scan data 11.0 is up-to-date.    [Site: IVRS-SEP01] [Server: Vxxxx2]
January 25, 2011 7:07:17 AM CST: TruScan proactive threat scan whitelist Win32 11.0 is up-to-date.    [Site: IVRS-SEP01] [Server: Vxxxx2]
January 25, 2011 7:07:17 AM CST: TruScan proactive threat scan commercial application list Win64 11.0 is up-to-date.    [Site: IVRS-SEP01] [Server: Vxxxx2]
January 25, 2011 7:07:08 AM CST: Decomposer Win32 and Win64 11.0 is up-to-date.    [Site: IVRS-SEP01] [Server: Vxxxx2]
January 25, 2011 7:07:07 AM CST: Symantec Endpoint Protection Manager Content Catalog 11.0 is up-to-date.    [Site: IVRS-SEP01] [Server: Vxxxx2]
January 25, 2011 7:07:07 AM CST: TruScan proactive threat scan commercial application engine 11.0 is up-to-date.    [Site: IVRS-SEP01] [Server: Vxxxx2]
January 25, 2011 7:05:44 AM CST: Intrusion Prevention signatures Win32 11.0 was successfully updated. [Site: IVRS-SEP01] [Server: Vxxxx1]
January 25, 2011 7:04:32 AM CST: LUALL.EXE has been launched. [Site: IVRS-SEP01] [Server: Vxxxx2]
January 25, 2011 7:04:32 AM CST: LiveUpdate retry started. [Site: IVRS-SEP01] [Server: Vxxxx2]
January 25, 2011 7:04:24 AM CST: LUALL.EXE has been launched. [Site: IVRS-SEP01] [Server: Vxxxx1]
January 25, 2011 7:04:24 AM CST: Download started. [Site: IVRS-SEP01] [Server: Vxxxx1]
3. RE: site stuck on 1/21/2011 defs

0 Recommend
Migration User
Posted Jan 25, 2011 08:40 AM

Reply Reply Privately
You must have atleast 3 GB free ideally. The size of liveupdate downlaod varies and is not the same always.
4. RE: site stuck on 1/21/2011 defs

0 Recommend
ℬrίαη
Posted Jan 25, 2011 08:44 AM

Reply Reply Privately
I believe 1 Gb is absolute minimum but that likely still won't be enough. Obviously, the more space, the better. But lack of space appears to your issue.
5. RE: site stuck on 1/21/2011 defs

0 Recommend
Migration User
Posted Jan 25, 2011 09:12 AM

Reply Reply Privately
OK - one more thing before I declare this solved/fixed.....

What in SEP could have suddenly taken the other 2 gig I had free. I used to have almost 3 gig free. Now it's down quite a bit, and the only change was a move to the latest SEP - MP2 (that I'm aware of anyway! LOL)

Deleting some backups and temp files helped, LU now runs, and we're almost updated, but something has taken up that space. Are there files in LU that I can safely delete - and not make WORSE problems? Seems there's a ton of stuff in there, even from December and earlier of last year. Or am I better off leaving ALL of LU alone....... and moving in a different direction.

Space does seem to be the issue, as freeing up even just a little then triggering LU at the management level cause things to "Start moving" again.

Big thanks to both - I'll be back and mark a solution since although I did sort of figure it you, you guys backed me up on it and got it going the right direction.
6. RE: site stuck on 1/21/2011 defs

0 Recommend
ℬrίαη
Posted Jan 25, 2011 09:18 AM

Reply Reply Privately
How many revisions is SEPM set to keep? I believe default is 42. I would bump that down to something like 30.
7. RE: site stuck on 1/21/2011 defs

0 Recommend
Migration User
Posted Jan 25, 2011 09:59 AM

Reply Reply Privately
Are there files in LU that I can safely delete - and not make WORSE problems?

Ans: Yes, you could delete the contents on the folder C:/Documents and settings/All users/Application Data/Symantec/Liveupdate/Downloads folder.
8. RE: site stuck on 1/21/2011 defs

0 Recommend
Migration User
Posted Jan 25, 2011 11:14 AM

Reply Reply Privately
Admin tab, site, LiveUpdate - number of content revisions to keep is set at 16.

>>Yes, you could delete the contents on the folder C:/Documents and settings/All users/Application Data/Symantec/Liveupdate/Downloads folder.<<

Server 2008 R2 - there is no "Documents and Settings" folder or All users.

Starts at C:\USERS - and there's no Symantec folder under public or default.
9. RE: site stuck on 1/21/2011 defs

0 Recommend
Migration User
Posted Jan 25, 2011 11:27 AM

Reply Reply Privately
On Win 2008 , it would be under: C:/Program data/Symantec

Endpoint Protection

site stuck on 1/21/2011 defs

Migration UserJan 25, 2011 08:03 AM

Migration UserJan 25, 2011 08:11 AM

Migration UserJan 25, 2011 08:40 AM

ℬrίαηJan 25, 2011 08:44 AM

Migration UserJan 25, 2011 09:12 AM

ℬrίαηJan 25, 2011 09:18 AM

Migration UserJan 25, 2011 09:59 AM

Migration UserJan 25, 2011 11:14 AM

Migration UserJan 25, 2011 11:27 AM

1. site stuck on 1/21/2011 defs

2. RE: site stuck on 1/21/2011 defs

3. RE: site stuck on 1/21/2011 defs

4. RE: site stuck on 1/21/2011 defs

5. RE: site stuck on 1/21/2011 defs

6. RE: site stuck on 1/21/2011 defs

7. RE: site stuck on 1/21/2011 defs

8. RE: site stuck on 1/21/2011 defs

9. RE: site stuck on 1/21/2011 defs