グループ更新プロバイダ (GUP) のトラブルシューティングについて知りたい。
以下は、GUP が有効化された後のシステムレジストリの例です。
[HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\Symantec Endpoint Protection\LiveUpdate]
"Description"="Created automatically during product installation."
"Enabled3rdPartyManagement"=dword:00000000
"MasterClientHost"="192.168.2.4"
"MasterClientPort"="2967"
"UseLiveUpdateServer"=dword:00000000
"UseManagementServer"=dword:00000001
"UseMasterClient"=dword:00000001
"HttpEncrypt"=dword:00000001
"HttpProxyMode"=dword:00000000
"HttpProxyRequireAuthentication"=dword:00000000
"FtpEncrypt"=dword:00000001
"FtpProxyMode"=dword:00000000
"FtpProxyRequireAuthentication"=dword:00000000
"AllowLocalScheduleChange"=dword:00000000
"AllowManualLiveUpdate"=dword:00000000
"EnableProductUpdates"=dword:00000000
"LastLuProductInventoryHash"=hex:72,59,31,36,a8,3f,47,02,70,5f,bd,52,29,d0,25,\49
"LastGoodSession"=hex:68,13,c8,94,d1,8b,c8,01
デフォルトでは C:\ProgramData\Symantec\Symantec Endpoint Protection\CurrentVersion\Data\Logs フォルダに debug.log ファイルが保存されます。デフォルトのロギングが無効になっている場合は、SEP ユーザーインターフェイス - [ヘルプ] - [トラブルシューティング] - [デバッグログ] - [クライアント管理] の [デバッグログ設定の編集] - [デバッグオン] にチェックを入れ、[デバッグレベル] は "0"、[ログレベル] は "0 - Debug"、[ログファイルサイズ] は "10000" と設定することで有効化できます。
デバッグロギングの変更を有効にするには、SEP サービスを再起動する必要があります。
また、GUP のポート 2967 に telnet で接続し、GUP ログで接続を確認できます。以下は、GUP が他のマシンからの接続を受信し、接続は動作しているが、接続のデータが悪く、GUP が接続を拒否している例です:
03/21 23:00:59 [2628:1908] GUProxy: thread [1908] accepted on socket 2228
03/21 23:01:03 [2628:1908] GUPROXY - GUProxy HTTP in - H
03/21 23:01:03 [2628:1908] GUPROXY - malformed or misdirected request
03/21 23:01:03 [2628:1908] GUProxy - closing accepted socket
以下はクライアントからの接続と更新に成功した例です。
03/23 11:06:01 [2640:2088] GUProxy: thread [2088] accepted on socket 2012
03/23 11:06:01 [2640:2088] GUPROXY - GUProxy HTTP in - GET /content/{C60DC234-65F9-4674-94AE-62158EFCA433}/80322021/delta8032
03/23 11:06:01 [2640:2088] GUPROXY - GUProxy File - /content/{C60DC234-65F9-4674-94AE-62158EFCA433}/80322021/delta80322003.dax
03/23 11:06:01 [2640:2088] GUProxy content cached - sending to client
03/23 11:06:01 [2640:2088] GUProxy - closing accepted socket
03/23 11:06:01 [2640:2088] GUProxy thread [2088] accepting
以下は GUP が最初に設定されたときに debug.log に表示される内容です。
03/21 20:03:05 [2628:3124] GUProxy: PolicyUpdateCallback called
03/21 20:03:06 [2628:3124] GUProxy system event - type 0 - desc <Start using Group Update Provider (proxy server) @ 192.168.2.4:2967.> -extra <(null)>
03/21 20:03:06 [2628:3124] GUProxy: Start using Group Update Provider (proxy server) @ 192.168.2.4:2967.
03/21 20:03:06 [2628:3124] GUProxy system event - type 0 - desc <Start serving as the Group Update Provider (proxy server).> - extra <(null)>
03/21 20:03:06 [2628:3124] GUProxy: Policy Change - Client will start serving as a local proxy server @ 192.168.2.4:2967
03/21 20:03:06 [2628:3124] GUProxy: SetUpGUPListenSocket
03/21 20:03:06 [2628:3124] GUProxy: Create new GUP socket
03/21 20:03:06 [2628:3124] GUProxy: creating GUP listen socket with port 2967
03/21 20:03:07 [2628:1908] GUProxy: listenthread [1908] starting
03/21 20:03:07 [2628:1908] GUProxy thread [1908] accepting
以下はキャッシュにないファイル要求が、GUP によって SEPM から取得された例です。
03/24 13:26:08 [1436:1796] GUProxy: thread [1796] accepted on socket 2404
03/24 13:26:08 [1436:1796] GUPROXY - GUProxy HTTP in - GET /content/{C60DC234-65F9-4674-94AE-62158EFCA433}/80324005/delta8032
03/24 13:26:08 [1436:1796] GUPROXY - GUProxy File - /content/{C60DC234-65F9-4674-94AE-62158EFCA433}/80324005/delta80323019.dax
03/24 13:26:08 [1436:1796] GUProxy new cache entry
03/24 13:26:08 [1436:1796] GUPROXY - GUProxy mangled file -
#content#{C60DC234-65F9-4674-94AE-62158EFCA433}#80324005#delta80323019!dax
03/24 13:26:09 [1436:1796] Lock held for 47ms
03/24 13:26:09 [1436:1796] GUPROXY - GUProxy - Requested file not in cache; contacting the SEPM server at - L-L3F3526
03/24 13:26:09 [1436:1796] GUPROXY - GUProxy Response - HTTP/1.1 200 OK Server: Microsoft-IIS/5.1 X-Powered-By: ASP.NET Dat
03/24 13:26:09 [1436:1796] GUProxy - sending response to client
03/24 13:26:09 [1436:1796] GUProxy - closing accepted socket
03/24 13:26:09 [1436:1796] GUProxy thread [1796] accepting
以下はクライアントから GUP に更新を要求する Sylink ログの例です。
03/24 14:29:04 [2232] <LUThreadProc>Got a valid context from GetCurrentServerEx
03/24 14:29:04 [2232] <LUThreadProc>Setting the session timeout on LUSession to 2 min.
03/24 14:29:04 [2232] <mfn_MakeGetLUFileIISUrl:>Requested Content Path is:
/content/{C60DC234-65F9-4674-94AE-62158EFCA433}/80324005/delta80323019.dax
03/24 14:29:04 [2232] <GetLUFileRequest:>IIS URL: /content/{C60DC234-65F9-4674-94AE-62158EFCA433}/80324005/delta80323019.dax
03/24 14:29:04 [2232]
<GetLUFileRequest:>http://192.168.2.5:2967/content/{C60DC234-65F9-4674-94AE-62158EFCA433}/80324005/delta80323019.dax
03/24 14:29:04 [2232] <GetLUFileRequest:>NEW download: C:\Program Files\Symantec\Symantec Endpoint Protection\LiveUpdate\LUF5.tmp
03/24 14:29:04 [2232] <UpdateLUFileList:>Updating existing Download File List with : {C60DC234-65F9-4674-94AE-62158EFCA433}80324005
03/24 14:29:04 [2232] <UpdateLUFileList:>Updating existing Download File List Temp file name from: to C:\Program Files\Symantec\Symantec Endpoint Protection\LiveUpdate\LUF5.tmp
03/24 14:29:04 [2232] 14:29:4=>Sending HTTP REQUEST to download LU file
03/24 14:29:05 [2232] 14:29:5=>HTTP REQUEST sent
03/24 14:29:05 [2232] <GetLUFileRequest:>IIS return=200
03/24 14:29:05 [2232] <mfn_DoGetLUFile200>Downloading LU file from server. Moniker: {C60DC234-65F9-4674-94AE-62158EFCA433}Server File Path:/content/{C60DC234-65F9-4674-94AE-62158EFCA433}/80324005/delta80323019.daxLocal Path:C:\Program
Files\Symantec\Symantec Endpoint Protection\LiveUpdate\LUF5.tmp
03/24 14:29:05 [2232] <mfn_DoGetLUFile200>Content Length => 35403
03/24 14:29:05 [2232] <UpdateLUFileList:>Updating existing Download File List with : {C60DC234-65F9-4674-94AE-62158EFCA433}80324005
03/24 14:29:05 [2232] <UpdateLUFileList:>Updating existing Download File List Temp file name from: C:\Program Files\Symantec\Symantec Endpoint Protection\LiveUpdate\LUF5.tmp to C:\Program Files\Symantec\Symantec Endpoint Protection\LiveUpdate\LUF5.tmp
03/24 14:29:05 [2232] <mfn_DoGetLUFile200>LU Content Downloaded. Moniker: {C60DC234-65F9-4674-94AE-62158EFCA433} Target Seq:80324005 Full version:0 Delta Base Seq:80323019
03/24 14:29:05 [2232] <PostEvent>going to post event=EVENT_LU_DOWNLOAD_COMPLETED
03/24 14:29:25 [2224] <CSyLink::mfn_DownloadNow()>
03/24 14:29:25 [2224] </CSyLink::mfn_DownloadNow()>
03/24 14:29:30 [2232] <PostEvent>done post event=EVENT_LU_DOWNLOAD_COMPLETED, return=0
以下は、GUP がオフラインの場合に Sylink で表示される内容です。
03/25 00:38:01 [2232] <LUThreadProc>Setting the session timeout on LUSession to 2 min.
03/25 00:38:01 [2232] <mfn_MakeGetLUFileIISUrl:>Requested Content Path is:
/content/{812CD25E-1049-4086-9DDD-A4FAE649FBDF}/80324040/delta80321051.dax
03/25 00:38:01 [2232] <GetLUFileRequest:>IIS URL: /content/{812CD25E-1049-4086-9DDD-A4FAE649FBDF}/80324040/delta80321051.dax
03/25 00:38:01 [2232]
<GetLUFileRequest:>http://192.168.2.5:2967/content/{812CD25E-1049-4086-9DDD-A4FAE649FBDF}/80324040/delta80321051.dax
03/25 00:38:01 [2232] <GetLUFileRequest:>NEW download: C:\Program Files\Symantec\Symantec Endpoint
Protection\LiveUpdate\LUF140D.tmp
03/25 00:38:01 [2232] <UpdateLUFileList:>Updating existing Download File List with : {812CD25E-1049-4086-9DDD-A4FAE649FBDF}80324040
03/25 00:38:01 [2232] <UpdateLUFileList:>Updating existing Download File List Temp file name from: to C:\Program Files\Symantec\Symantec Endpoint Protection\LiveUpdate\LUF140D.tmp
03/25 00:38:01 [2232] 0:38:1=>Sending HTTP REQUEST to download LU file
03/25 00:38:24 [2224] <CSyLink::mfn_DownloadNow()>
03/25 00:38:24 [2224] </CSyLink::mfn_DownloadNow()>
03/25 00:38:24 [2232] 0:38:24=>HTTP REQUEST sent
03/25 00:38:24 [2232] <GetLUFileRequest:>Send Request failed.. Error Code = 12029
03/25 00:38:24 [2232] <ParseErrorCode:>12029=>The attempt to connect to the server failed.
03/25 00:38:24 [2232] <GetLUFileRequest:>IIS return=0
03/25 00:38:24 [2232] <ParseErrorCode:>12029=>The attempt to connect to the server failed.
03/25 00:38:24 [2232] <GetLUFileRequest:>COMPLETED
03/25 00:38:24 [2232] <LUThreadProc> - GETLUFILE_CONNECTION_ERROR getting content moniker:
{812CD25E-1049-4086-9DDD-A4FAE649FBDF}; revision: 80324040 from server: 192.168.2.5
03/25 00:38:24 [2232] LU file download failed due to HTTP error:0
03/25 00:38:24 [2232] <CExpBackoff::Increment()>
03/25 00:38:24 [2232] Backoff index incremented
03/25 00:38:24 [2232] Backoff wait index: 1
03/25 00:38:24 [2232] </CExpBackoff::Increment()>
03/25 00:38:24 [2232] <CExpBackoff::Wait()>
03/25 00:38:24 [2232] CExpBackoff wait time in seconds: 32
03/25 00:38:56 [2232] </CExpBackoff::Wait()>
03/25 00:38:56 [2232] <LUThreadProc>Setting the session timeout on LUSession to 2 min.
03/25 00:38:56 [2232] <mfn_MakeGetLUFileIISUrl:>Requested Content Path is:
/content/{E5A3EBEE-D580-421e-86DF-54C0B3739522}/80324040/delta80321051.dax
03/25 00:38:56 [2232] <GetLUFileRequest:>IIS URL: /content/{E5A3EBEE-D580-421e-86DF-54C0B3739522}/80324040/delta80321051.dax
03/25 00:38:56 [2232]
<GetLUFileRequest:>http://192.168.2.5:2967/content/{E5A3EBEE-D580-421e-86DF-54C0B3739522}/80324040/delta80321051.dax
03/25 00:38:56 [2232] <GetLUFileRequest:>NEW download: C:\Program Files\Symantec\Symantec Endpoint
Protection\LiveUpdate\LUF140E.tmp
03/25 00:38:56 [2232] <UpdateLUFileList:>Updating existing Download File List with : {E5A3EBEE-D580-421e-86DF-54C0B3739522}80324040
03/25 00:38:56 [2232] <UpdateLUFileList:>Updating existing Download File List Temp file name from: to C:\Program Files\Symantec\Symantec Endpoint Protection\LiveUpdate\LUF140E.tmp
03/25 00:38:56 [2232] 0:38:56=>Sending HTTP REQUEST to download LU file
03/25 00:39:18 [2232] 0:39:18=>HTTP REQUEST sent
03/25 00:39:18 [2232] <GetLUFileRequest:>Send Request failed.. Error Code = 12029
03/25 00:39:18 [2232] <ParseErrorCode:>12029=>The attempt to connect to the server failed.
03/25 00:39:18 [2232] <GetLUFileRequest:>IIS return=0
03/25 00:39:18 [2232] <ParseErrorCode:>12029=>The attempt to connect to the server failed.
03/25 00:39:18 [2232] <GetLUFileRequest:>COMPLETED
03/25 00:39:18 [2232] <LUThreadProc> - GETLUFILE_CONNECTION_ERROR getting content moniker:
{E5A3EBEE-D580-421e-86DF-54C0B3739522}; revision: 80324040 from server: 192.168.2.5
03/25 00:39:18 [2232] LU file download failed due to HTTP error:0
03/25 00:39:18 [2232] <CExpBackoff::Increment()>
03/25 00:39:18 [2232] Backoff index incremented
03/25 00:39:18 [2232] Backoff wait index: 2
03/25 00:39:18 [2232] </CExpBackoff::Increment()>
03/25 00:39:18 [2232] <CExpBackoff::Wait()>
03/25 00:39:18 [2232] CExpBackoff wait time in seconds: 64
03/25 00:39:26 [2224] <CSyLink::mfn_DownloadNow()>
03/25 00:39:26 [2224] </CSyLink::mfn_DownloadNow()>
03/25 00:40:22 [2232] </CExpBackoff::Wait()>