cancel
Showing results for 
Search instead for 
Did you mean: 
bola_2911
Level 7

Mcafee Web gateway

We are getting the following errors on the dashboard of MWG

Avira update failed (ID 855).

McAfee gateway Anti-malware update failed (851)

GTI web database update failed (ID: 1051)

After checking the update log by going to troubleshooting/logs i could see that the old and new version is same.

Does anyone why we are having this alerts, if the update is already taken place.

Thanks

K

0 Kudos
6 Replies
McAfee Employee

Re: Mcafee Web gateway

Do you have a cluster or is this just a single appliance? If it's a cluster, then a single appliance could have problems downloading the updates (itself), but then later get the updates from another appliance.

0 Kudos
bola_2911
Level 7

Re: Mcafee Web gateway

It is a cluster, the alert comes only on the standy MWG and later on the update was successful.

By checking the update logs it was showing as update failed because of the new and older version matches.

0 Kudos
McAfee Employee

Re: Mcafee Web gateway

I couldnt say without seeing the log myself, but I'm guessing that the standby node is getting the updates from the cluster rather than from the internet itself. Usually the logs will say where the update is coming from (internet or another node), however they can be a bit cryptic.

The situation could also be the opposite -- the standby node attempts to get updates from another node, but fails, when it gets the updates from the internet it works. This could happen if there is a small pipe between nodes. In which case you might want to consider changing the update groups. https://community.mcafee.com/docs/DOC-4823#jive_content_id_Update

0 Kudos
bola_2911
Level 7

Re: Mcafee Web gateway

There are different nodes for the master and the standby.

Master MWG node xxxxxxxxx

Standby MWG node yyyyyyyy

Also a= a means same version

a=b means different version

On the same day the alert on the master MWG from the dashboard is

Following domain can't be contacted. ID: 903

and on the standby MWG the alert showed on dashboard.

Following domain can't be contacted. ID: 903

McAfee gateway Anti-Malware update failed, broken version identifier. ID 851

GTI web database update failed. ID 1051

Avira update failed. ID 855

Now as per the update logs.

For Master

Update Status from local Node: xxxxxxxxx

Product: GTI web database

Status: update_succeed

Old Version: TS-Engine=a|TS-Database=a

New Version: TS-Engine=a|TS-Database=b

Update Status from local Node: xxxxxxxxxx

Product: McAfee Gateway Anti-Malware

Status: update_succeed

Old Version: AM-DAT=aAM-Engine=a|MFE-DAT=aMFE-Engine=a|PLATFORM=x64

New Version: AM-DAT=b|AM-Engine=a|MFE-DAT=a|MFE-Engine=a|PLATFORM=x64

Update Status from non local Node yyyyyyyyyyy

Product: McAfee Gateway Anti-Malware

Status: update_failed

Old Version: AM-DAT=a|AM-Engine=a|MFE-DAT=a|MFE-Engine=a|PLATFORM=x64

New Version: AM-DAT=a|AM-Engine=a|MFE-DAT=a|MFE-Engine=a|PLATFORM=x64

Product: Avira

Status: update_failed

Old Version: Avira-Engine=a|Avira-VDF=a|Avira-Savapi=a|PLATFORM=x64

New vsersion:Avira-Engine=a|Avira-VDF=a|Avira-Savapi=a|PLATFORM=x64

Product: GTI web database

Type: xl

Status: update_failed

Old Version: TS-Engine=a|TS-Database=a

New Version: TS-Engine=a|TS-Database=a

Update from node yyyyyyyyyy

Product: Known CAs (16839)

Version: List=254

Status: update_is_up_to_date

Update from node yyyyyyyyyyyyy

it seems the update from local nose is working but not from non-local node.

for Standby

Update Status from local Node: yyyyyyyyy

Product: McAfee Gateway Anti-Malware

Status: update_failed

Old Version: AM-DAT=a|AM-Engine=a|MFE-DAT=a|MFE-Engine=a|PLATFORM=x64

New Version: AM-DAT=a|AM-Engine=a|MFE-DAT=a|MFE-Engine=a|PLATFORM=x64

Update from node xxxxxxxxxx

Product: Avira

Version: Avira-Engine=a|Avira-VDF=|Avira-Savapi=|PLATFORM=x64

File ave2_linux_incr_b.tar.gz stored successfully

File vdf.tar.gz stored successfully

File extensionlist.txt stored successfully

File bpdata.txt stored successfully

File vinfo.txt stored successfully

Update Status from local Node: yyyyyyyyyyyyyyy

Product: Avira

Status: update_failed

Old Version: Avira-Engine=a|Avira-VDF=a|Avira-Savapi=a|PLATFORM=x64

New Version: Avira-Engine=a|Avira-VDF=a|Avira-Savapi=a|PLATFORM=x64

Update from node xxxxxxxxxxx

Product: GTI web database

Status: update_failed

Old Version: TS-Engine=a|TS-Database=a

New Version: TS-Engine=a|TS-Database=a

Performing update because 'update interval exceeded

k

0 Kudos
McAfee Employee

Re: Mcafee Web gateway

Hi K,

I'd just set separate update groups (see link above) for each node (so they download their own updates). You'll be able to tell pretty quickly if that fixes it.

Best Regards,

Jon

0 Kudos
bola_2911
Level 7

Re: Mcafee Web gateway

as they belong to different nodes, is that the reason that the master have less alerts as compared to the standby?

K

0 Kudos