This discussion has been locked.

Message Relay

How does monitoring on a message relay server work?

How do I know which clients are connected to a relay server and how to check the load?

Once a client has Sophos installed, it takes a while until I can see it in the SEC. How does debugging work? What can I check if the client does not show up in the SEC?

Regards,

Ingo



This thread was automatically locked due to age.
  • Hi,

    Without scraping router log files for specific strings, the only way to get overall visibility is in the database.

    The MessageSystemAddress field can be used to determine this information. Typically an endpoint router has the address in the format:

    Router$[ComputerName]:[token]

    e.g.

    Router$client1:34344

    If that same endpoint was messaging the server via a relay called relay1, the RMS address of the client would be, for example:

    Router$relay1:43344.Router$client1:34344

    Note the . separates the 2 router addresses.

    So with this info, you can query the database for the number of computers which are "Managed", "Connected", "LastMessageTime", etc., and which have a message system address that matches (contains) the relay you are monitoring, for example.

    All the fields you need are in the "ComputersAndDeletedComputers" table in the "Core" database. http://www.sophos.com/en-us/support/knowledgebase/17323.aspx

    To debug a client, you just have to follow the messages from the client to the relay, from the relay to the management server and back down again.  /search?q= 13771 should also help

    Regards,

    Jak

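An added example, not part of the original reply and not Sophos code: a parser for the relay-prefixed address format described above, used to group endpoints per relay and flag those that have not messaged recently. It assumes rows have been exported from the database with the field names the reply mentions; the column types, the 24-hour staleness threshold and the sample rows are assumptions constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# One hop looks like Router$<ComputerName>:<token>; hops are joined by "."
HOP = re.compile(r"^Router\$(?P<name>[^:]+):(?P<token>\d+)$")

def parse_address(address):
    """Return the list of (computer_name, token) hops, relay side first."""
    hops = []
    # Split only on a "." that starts a new hop, so dots inside names survive.
    for part in re.split(r"\.(?=Router\$)", address.strip()):
        m = HOP.match(part)
        if m is None:
            raise ValueError(f"not a router address: {part!r}")
        hops.append((m["name"], int(m["token"])))
    return hops

def relay_load(rows, now, stale_after=timedelta(hours=24)):
    """Summarise exported rows per relay (field types are assumptions)."""
    load = defaultdict(lambda: {"clients": [], "connected": 0, "stale": []})
    for row in rows:
        hops = parse_address(row["MessageSystemAddress"])
        client = hops[-1][0]
        # A single hop means the endpoint talks to the server directly.
        relay = hops[-2][0] if len(hops) > 1 else "(direct)"
        entry = load[relay]
        entry["clients"].append(client)
        entry["connected"] += bool(row["Connected"])
        if now - row["LastMessageTime"] > stale_after:
            entry["stale"].append(client)
    return dict(load)

# Constructed sample rows, not real data.
NOW = datetime(2024, 1, 10, 12, 0)
SAMPLE = [
    {"MessageSystemAddress": "Router$client1:34344",
     "Connected": 1, "LastMessageTime": NOW - timedelta(minutes=5)},
    {"MessageSystemAddress": "Router$relay1:43344.Router$client2:5001",
     "Connected": 1, "LastMessageTime": NOW - timedelta(minutes=10)},
    {"MessageSystemAddress": "Router$relay1:43344.Router$client3:5002",
     "Connected": 0, "LastMessageTime": NOW - timedelta(days=3)},
]

if __name__ == "__main__":
    for relay, info in relay_load(SAMPLE, NOW).items():
        print(relay, len(info["clients"]), info["connected"], info["stale"])
```
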