• Advertisement

GraywarePattern update error code 7

Firewalls, PIX, ASA, VPN, Access Control List, User Authentication, Data Encryption and Best Practices.

GraywarePattern update error code 7

Postby Guest » Mon Jan 10, 2011 2:53 pm

Ive gotten this message a couple of nights recently:

 

 

GraywarePattern : Pattern Update: The download file was unsuccessful for ActiveUpdate did not receive a return code from the patch process. The update process may have terminated abnormally. The product needs to retry the patch update.. The error code is 7.

 

 

Has anyone else had this problem?

 

Thanks

AD

Guest
 

Advertisement

Re:GraywarePattern update error code 7

Postby Guest » Mon Jan 10, 2011 3:15 pm

 

 

Hi Amy,

 

What version of code are you running on the CSC module?  There are some software issues that could cause this.  CSCtg06921 , and CSCtc37947 are possible causes of this issue.  If you are not running the latest patch 6.3.1172.3, I would suggest to try that.

 

Hope this helps.

 

regards,

 

Wasan

Guest
 

Re:GraywarePattern update error code 7

Postby Guest » Mon Jan 10, 2011 4:53 pm

We are running  software version:   CSC SSM 6.3.1172.3.  The virus pattern and anti-spam patterns were downloaded and instaleld successfully, it was just the Grayware Pattern with the problem. 

Guest
 

Re:GraywarePattern update error code 7

Postby Guest » Mon Jan 10, 2011 5:21 pm

Amy,

 

I would suggest opening a case with TAC. They will be able to help you delete the corrupt patterns files so that you can update the grayware patterns successfully.

 

I hope it helps,

PK

Guest
 

Re:GraywarePattern update error code 7

Postby Guest » Mon Jan 10, 2011 5:27 pm

Amy,

See if you can follow this procedure. If you are reluctant then like PK says open a TAC case.

 

We have seen this issue being caused by a corrupted update package. To  fix this problem, we need to go into the command line and clear out the
temporary update files.

The whole process takes about 10 minutes and you will need to restart  the services on the CSC module (should take just a minute or so and
should not cause any outage).

# First, enable the root account on your CSC module by performing the
following steps.
1. SSH/Telnet to ASA
2. Session into the Module with the command: session 1
3. Login with the username cisco and the CSC password
4. Select Troubleshooting Tools | Enable root account
5. Logout and Login again to session 1 but this time using the oot
account
(default password is cisco)

Then, modify the file system by doing the following:

1) change to the /opt/trend/isvw/tmpfs/AU/AU_Log directory, and remove
all files:

-bash-3.00# cd /opt/trend/isvw/tmpfs/AU/AU_Log
-bash-3.00# rm *

2) Change to the /opt/trend/isvw/tmpfs/AU/AU_Temp directory, and remove
all files:

-bash-3.00# cd /opt/trend/isvw/tmpfs/AU/AU_Temp
-bash-3.00# rm -rf *

3) Change to the /opt/trend/isvw/tmpfs/AU/AU_Workdir
Remove all of the files and directories except the following directories:

    piranhacache
    piranhaengine
    piranharule

-bash-3.00# cd /opt/trend/isvw/tmpfs/AU/AU_Workdir
-bash-3.00# ll
drwxr-xr-x    2 isvw     isvw           60 Aug 18 02:49 AU_Backup
drwxr-xr-x    2 isvw     isvw           40 Aug 20 02:17 piranhacache
drwxr-xr-x    2 isvw     isvw           40 Jul 27  2007 piranhaengine
drwxr-xr-x    2 isvw     isvw           40 Aug 20 02:17 piranharule
-rw-r--r--    1 isvw     isvw         8071 Aug 17 00:00 tmblack.121
-rw-rw-r--    1 isvw     isvw      1575731 Aug 18 02:49 tmwhite.459
-rw-r--r--    1 isvw     isvw      1580567 Aug 20 02:48 tmwhite.461

-bash-3.00# rm -rf AU_Backup
-bash-3.00# rm *.*
-bash-3.00# ll
drwxr-xr-x    2 isvw     isvw           40 Aug 20 02:17 piranhacache
drwxr-xr-x    2 isvw     isvw           40 Jul 27  2007 piranhaengine
drwxr-xr-x    2 isvw     isvw           40 Aug 20 02:17 piranharule
-bash-3.00#

4) Then, exit and then session back into the module using the cisco account and restart the services.

- Please then issue a manual update and ensure the update works. Then  please send me the console log from when you made the changes, and let
me know if the behavior has changed.

 

-KS

Guest
 



  • Advertisement


Similar topics


Return to Cisco Security

Who is online

Users browsing this forum: No registered users and 4 guests