Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 3 replies
  • Subscribers 1 subscriber
  • Views 2345 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Update Paths for SAV and Enterprise Console

Fabu

First of all hello :),

and i hope this belongs to this section.

I'm employee at a big University in Germany, and we provide Sophos Anti Virus for our Students and Departments.

They all update their clients on a server we provide in our datacenter. The updates are provided via an apache server.

For Statistical purposes, I would now like to evaluate how many clients every month update and which operating system they use. For that I would like to use the apache logs. I am now looking for paths, which clearly identify client upgrades - from the different Operating Systems - ,virus signature updates and Updates from enterprise consoles. Can you Help me with that?

Sincerely

:38463


This thread was automatically locked due to age.
Parents
  • 0

    Hello Fabu,

    there is only one update mechanism (i.e. there aren't distinct "software" and "signature" updates).

    All requests contain a path like /CIDs/Snnn/product/ (where Snnn denotes the directory for a certain subscription and product is the directory for the OS - SAVSCFXP for Windows, ESCOSX for Mac, savlinux for Linux and so on). Windows clients fetch master.upd and customer_ID.txt, Macs start with cidsync.upd and *ix clients usually cidsync.lst. Comparing these to the local cache the determine which files to download and what to do next.

    Furthermore, Windows clients include a Client ID in the request headers (the c="xxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" string).

    Hope this helps for a start - you'll likely have more questions so feel free to follow up.

    Christian

    :38485
Reply
  • 0

    Hello Fabu,

    there is only one update mechanism (i.e. there aren't distinct "software" and "signature" updates).

    All requests contain a path like /CIDs/Snnn/product/ (where Snnn denotes the directory for a certain subscription and product is the directory for the OS - SAVSCFXP for Windows, ESCOSX for Mac, savlinux for Linux and so on). Windows clients fetch master.upd and customer_ID.txt, Macs start with cidsync.upd and *ix clients usually cidsync.lst. Comparing these to the local cache the determine which files to download and what to do next.

    Furthermore, Windows clients include a Client ID in the request headers (the c="xxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" string).

    Hope this helps for a start - you'll likely have more questions so feel free to follow up.

    Christian

    :38485
Children
No Data