Endpoint Standard: How to Troubleshoot Local Mirror Server Update Issues
Article ID: 288907
Updated On:
Products
Carbon Black Cloud Endpoint Standard (formerly Cb Defense)
Issue/Introduction
Troubleshoot why a local mirror server is not obtaining updates
Environment
- Endpoint Standard (formerly CB Defense): All supported versions
- Local Mirror: All supported versions
- Linux OS: All supported versions
- Microsoft Windows: All supported versions
Resolution
- Check the scheduled task or cron job and ensure the local mirror update is running as expected
- Check the task for syntax errors and ensure directory paths are correct
- Run update manually to confirm issues with schedule
- Ensure the local mirror can reach CB's update server
- The update scripts direct the local mirror server to http://updates2.cdc.carbonblack.io/update2
- ping and nslookup can be run against updates2.cdc.carbonblack.io
- Use a web browser to download the master.idx file to check for access denied errors
http://updates2.cdc.carbonblack.io/update2/idx/master.idx
- If the local mirror server can reach the update server and download the master.idx, check proxy and perimeter firewall logs to determine if the issue is with downloading larger files
- Ensure there is no packet inspection of traffic between the local mirror and CB's update server performed by firewall or proxy
- If issues persist, reboot the local mirror to ensure there are no process holds on update files preventing the update
- If still not resolved, create a new local mirror (requires a new download directory and reconfiguring web server to this new directory)
- The new local mirror is created when running the command in Step 4 (both Windows and Linux) from the Local Mirror KB
Additional Information
- Typically the issue is caused by the scheduled update of the local mirror server not running as expected
- ProcMon and pcaps can also be used to investigate the local mirror update process
Feedback
Yes
No
Powered by
