Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 3 replies
  • Subscribers 1 subscriber
  • Views 2344 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Update Paths for SAV and Enterprise Console

Fabu

First of all hello :),

and i hope this belongs to this section.

I'm employee at a big University in Germany, and we provide Sophos Anti Virus for our Students and Departments.

They all update their clients on a server we provide in our datacenter. The updates are provided via an apache server.

For Statistical purposes, I would now like to evaluate how many clients every month update and which operating system they use. For that I would like to use the apache logs. I am now looking for paths, which clearly identify client upgrades - from the different Operating Systems - ,virus signature updates and Updates from enterprise consoles. Can you Help me with that?

Sincerely

:38463


This thread was automatically locked due to age.
  • 0

    Hello Fabu,

    there is only one update mechanism (i.e. there aren't distinct "software" and "signature" updates).

    All requests contain a path like /CIDs/Snnn/product/ (where Snnn denotes the directory for a certain subscription and product is the directory for the OS - SAVSCFXP for Windows, ESCOSX for Mac, savlinux for Linux and so on). Windows clients fetch master.upd and customer_ID.txt, Macs start with cidsync.upd and *ix clients usually cidsync.lst. Comparing these to the local cache the determine which files to download and what to do next.

    Furthermore, Windows clients include a Client ID in the request headers (the c="xxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" string).

    Hope this helps for a start - you'll likely have more questions so feel free to follow up.

    Christian

    :38485
  • 0

    Hey, thanks for the fast reply. This will help me a lot.

    Is there a list of common values for "product"?

    Frank

    :38533
  • 0

    Hello Frank,

    product is the directory for the OS - SAVSCFXP for Windows, ESCOSX for Mac, savlinux for Linux and so on

    the directory (product) is specific for platforms and sometimes version (so older Mac versions had ESOSX or the unmanaged Linux version was under unixinst). The SEC command View -> Bootstrap Locations... tells you which versions the paths contain (at the moment).

    Christian

    :38539