Copyright 2009 Trend Micro Inc. Classification 9/19/2015 1 Troubleshooting TMSP Marks Shen Senior Engineer – QA Evan Wang Engineer - QA.


Agenda
– Frequent Case
– Debug log and information
– Troubleshooting
– Q&A

No report was generated
Logs to collect on the Daemon Server:
– /opt/TrendMicro/tdss/tdes/log/iae_log.txt
– /var/log/cron
Information:
– Customer expiration date
– Device registered to TMSP

No report was generated (cont.)
Normal debug log for log correlation and report generation
Crontab task cron_iae.sh is executed at 2:15 am every day

No report was generated (cont.)
A report will not be generated if:
– The customer's service has expired
– The customer has no device registered
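
The cron check for this case, as an added example that is not part of the original slides: it confirms from /var/log/cron whether crond actually launched cron_iae.sh on a given day and whether it did so in the expected 02:15 minute. The host name, PIDs and the /path/to/ location of cron_iae.sh in the sample lines are constructed; the line layout assumed is the usual crond syslog format.

```shell
#!/bin/sh
# Added example, not from the original slides.

# Constructed sample of /var/log/cron (host, PIDs and script path are made up).
sample_cron_log() {
cat <<'EOF'
Sep 18 02:15:01 tmsp-daemon CROND[4101]: (root) CMD (/path/to/cron_iae.sh)
Sep 18 03:01:01 tmsp-daemon CROND[4188]: (root) CMD (run-parts /etc/cron.hourly)
Sep 19 02:01:01 tmsp-daemon CROND[5290]: (root) CMD (run-parts /etc/cron.hourly)
Sep 20 02:15:02 tmsp-daemon CROND[6377]: (root) CMD (/path/to/cron_iae.sh)
EOF
}

# iae_cron_status MONTH DAY < cronlog
# Prints "ran HH:MM:SS" for every launch of cron_iae.sh on that day and marks
# launches outside the 02:15 minute. Prints "missing" and returns 1 if the
# job was never launched, which points at crond or the crontab entry rather
# than at customer expiration or device registration.
iae_cron_status() {
    awk -v mon="$1" -v day="$2" '
        $1 == mon && $2 == day && /CMD \(.*cron_iae\.sh/ {
            found = 1
            note = (substr($3, 1, 5) == "02:15") ? "" : " (unexpected time)"
            print "ran " $3 note
        }
        END { if (!found) { print "missing"; exit 1 } }
    '
}
```

On the Daemon Server the same function reads the real log: iae_cron_status Sep 19 < /var/log/cron.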

No incident in report
Logs to collect on the Daemon Server:
– /opt/TrendMicro/tdss/tdes/log/iae_log.txt
Information:
– Check whether the TDA log has been uploaded
– Latest log time

Cannot access Admin console (err 404)
Logs to collect on the Daemon Server:
– /var/log/httpd/access_log
– /var/log/httpd/error_log
Information:
– ps -ef | grep httpd
– netstat -anp | grep httpd

No Rsync log uploaded
Logs to collect on the Access Server:
– Log receiver
  /home/tdalog/log/pre-post-exec.log
  /home/tdalog/log/db_import_tda.log
  /home/tdalog/log/db_import_tdm.log
– Authentication (described in the next slides)
Information:
– ps -ef | grep tmsshd
– netstat -anp | grep tmsshd
  Listen on port 22

No Rsync log uploaded (cont.)
Normal procedure debug log of TDA log processing:
– /home/tdalog/log/pre-post-exec.log

CAS server case
Problems caused by CAS failure:
– Device registration to TMSP fails
– Customer portal login fails
– Log uploading through RSYNC fails
Logs to collect on the Access Server:
– /var/log/messages
– /var/log/cas_8000.log
– /var/log/cas_8001.log
– /var/log/cas_8002.log
Information:
– ps -ef | grep pound
– ps -ef | grep rubcasd
Normal log of CAS authentication:
– /var/log/cas_8000.log

CAS server case – Service down
TDA registration fails
Check /var/log/messages
Recover:
– If the pound or cas service is down
  /etc/init.d/pound start
  /etc/init.d/rubcasd start

Data Gateway Case
Problems caused by Data Gateway failure:
– OCS Heartbeat / OCS real-time log cannot be uploaded
– T2 / T3 mitigation request cannot be delivered to TMTM
– SIC sample cannot be uploaded from TMTM
Logs to collect on the Access Server:
– /opt/TrendMicro/dg/apache-tomcat /webapps/dg/WEB-INF/logs/dg.log
– $APACHE_HOME/logs/ssl_request_log_dg
– $APACHE_HOME/logs/error_log
– /opt/TrendMicro/dg/apache-tomcat /logs/catalina.out
Information:
– ps -ef | grep httpd
– ps -ef | grep tomcat
– netstat -anp | grep 443
– netstat -anp | grep 8009

Data Gateway Case – DB disconnect
TDA registration fails
Check the Apache error log: /usr/apache/logs/error_log

Customer portal cannot login
Logs to collect on the Access Server:
– /opt/TrendMicro/dg/apache-tomcat /webapps/tms2/WEB-INF/logs/tms.log
– $APACHE_HOME/logs/ssl_request_log_portal
– $APACHE_HOME/logs/error_log
– /opt/TrendMicro/dg/apache-tomcat /logs/catalina.out
Information:
– ps -ef | grep httpd
– ps -ef | grep tomcat
– netstat -anp | grep 443
– netstat -anp | grep 8009

Cannot get notification
After excluding a mail server problem, collect debug logs:
– /root/infomation.log
– /var/log/cron
No Subscription
DB connection fail


FAQ
Q: How to re-generate a report manually?
Log in to the TDES machine and change directory to "/opt/TrendMicro/tdss/tdes/".
– 1. Daily Report
  # php gendailydata.php user_id YEAR MONTH DAY
  example: "php gendailydata.php trend " generate daily report of for customer "trend"
– 2. Executive Report (Weekly / Monthly)
  # php genexecdata.php user_id START_DATE END_DATE yes m/w
  START_DATE: report start date with format "YYYY-MM-DD"
  END_DATE: report end date with format "YYYY-MM-DD"
  yes: if this report will be imported into DB
  m/w: monthly or weekly
  example: "php genexecdata.php trend yes m" to generate monthly report for customer "trend" of
– 3. Upsell Report
  # php genupselldata.php user_id START_DATE END_DATE no
  example: "php genupselldata.php trend no" to generate upsell report for customer "trend" from to
Note: The upsell report will not be imported into the DB and cannot be downloaded from the admin console.

FAQ
Q: What is the difference between the two service types "TDS" and "TLMS"?
A: The "TDS" service is set for a customer who has TDA deployed. The "TLMS" service is set for a customer who has both TDA and TMTM deployed. TMSP provides different reports for these two service types, and for TLMS, TMSP provides an additional UI for the abnormal endpoint handling process.

FAQ
Q: Why does AE status show N/A on the Admin console?
A: AE (Abnormal Endpoint) status is designed for customers who have TMTM deployed, to show the clients where mitigation failed on the TMSP UI. That means only customers with service type "TLMS" will show the AE details in the TMSP admin UI as a link.

FAQ
Q: Will the IAE be updated?
A: Yes, TMSP IAE rules will be updated in a timely manner to detect new threats. Currently, the rules are updated monthly. On the TMSP side, we get new threat rules from the threat team and deploy them to each site after verification.

FAQ
Q: Can TMSP generate reports in DOC format?
A: No, currently TMSP can only generate reports in PDF format.

FAQ
Q: How to back up the database?
A: There are two types of DB backup, Full Backup and Lightweight Backup.
Full backup: back up the full database of TMSP
# mysqldump -uroot -p"$password" tdors_new > tdors_new_backup.sql

FAQ
Lightweight DB backup: back up customer info, configuration and some correlation results.
# mysqldump -h $host -u$account -p"$password" tdors_new access_code admin_log admins contacts customer customer_expiration_conf customer_expiration_notif notification ocs_ast_event ocs_malware scsd_case scsd_case_followup scsd_case_status scsd_pattern scsd_pattern_status scsd_sample_info scsd_sample_summary t2t3_dce_result tb_devprofile > SJDC2.5.sql
After backing up the entire database, it is recommended to store the backup file on another physical storage device.
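
The lightweight backup above, as an added example that is not part of the original slides: -p"$password" on the command line is visible in the process list while mysqldump runs, so this version passes the credentials through a 0600 option file (--defaults-extra-file) and records a SHA-256 of the dump for the copy kept on other storage. The function names and file locations are assumptions; the database and table names are the ones on the slide.

```shell
#!/bin/sh
# Added example, not from the original slides.

TMSP_DB="tdors_new"
TMSP_TABLES="access_code admin_log admins contacts customer
customer_expiration_conf customer_expiration_notif notification
ocs_ast_event ocs_malware scsd_case scsd_case_followup scsd_case_status
scsd_pattern scsd_pattern_status scsd_sample_info scsd_sample_summary
t2t3_dce_result tb_devprofile"

# write_client_cnf FILE HOST USER PASSWORD
# Writes a MySQL option file readable only by its owner. printf is a shell
# builtin, so the password is never an argument of a separate process.
# A password containing a double quote would need escaping (not handled here).
write_client_cnf() {
    ( umask 077
      printf '[client]\nhost=%s\nuser=%s\npassword="%s"\n' "$2" "$3" "$4" > "$1" )
}

# lightweight_backup CNF OUTFILE
# Dumps the tables listed on the slide, rejects an empty dump, and writes
# OUTFILE.sha256 so the copy on other storage can be verified later.
lightweight_backup() {
    ( umask 077
      # --defaults-extra-file must be the first option given to mysqldump.
      # The table list is deliberately unquoted so it splits into words.
      mysqldump --defaults-extra-file="$1" "$TMSP_DB" $TMSP_TABLES > "$2"
    ) || return 1
    [ -s "$2" ] || return 1
    sha256sum "$2" > "$2.sha256"
}
```

After copying the dump, sha256sum -c on the .sha256 file confirms the copy matches what was written.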

Q&A

THANK YOU!