This is an issue that's been annoying us at our workplace for a little while now. For whatever reason, when some computers at our work our shut down, the "virus definition out of date" flag will be triggered on said computer in the VSA. I was just wondering if there is a way to fix this annoyance because seeing that flag show up after just having updated the definitions the day prior. Would updating to the next available patch fix this. As of right now, we are running version 184.108.40.206 but I'm seeing a notification that a new patch (220.127.116.11) is available for download. I see in the release notes that for the AV component, that there's a fix in that helps mitigate inaccurate database definition dates from showing.
I do not think that specific patch would solve this issue. This was to show the date of the definition file vs the date the database was updated. I would recommend updating to 18.104.22.168, since there have been a good amount of patches that have made the product better.
Technically this flag is set if the definition database date is older than 2 days. If anything other than this is showing a flag, please submit a ticket and you can reference that ticket here, and I will look into why this is happening. Having your VSA updated to the latest patch will help with identifying the issue as well.
I have just opened a ticket. The reference # is 182628.
Are you able to update to the latest patch and see if the problem persists?
Could you add screen shots of the ticket? Specifically where the flag is showing, but the definition date is within 2 days.
We are running .31 and seeing similar behaviour. We run a report every day to show all agents that are out of date. Yesterday over 80% of the agents showing as being out of date all had defninition dates from the same day.
This module and the endpoint service are like pulling teeth.
I haven't updated to the latest patch yet, but I could give that a shot too. And I'll add a screenshot to the ticket so you can see an instance of when this is happening.
I updated the ticket with the screenshot, but here's a direct link to the image as well: p6.zdusercontent.com/.../Sm3vsVuD9xz7kqP3LGAKFeHlX
I would like to help with this. I have not seen this behavior in house. I would be happy to look at your system to see why you are seeing this. Please contact me at email@example.com, if you would like to do so.
dczarnecki, please feel free to email me, if you want me to look at your VSA as well.
Thanks, Charles. I just sent you an email.
Just wondering what the status on this is since it's now been 2 weeks since I've emailed you.
Also, while we're still trying to figure this out, I was just wondering if there's any way to actually change the amount of days that pass before the definitions out of date flag gets triggered in the VSA. I know there's an option in the alerts section that can be changed, but I know for a fact that can't control the flag itself. There are numerous computers that we keep as spares in our storage room, and it gets a little annoying seeing that flag come up for them because a good bulk of these machines stay offline indefinitely and never see the light of day unless some need for them arises.
Can I breath some new life into this discussion, since it's an interesting one.
KAV has been more than annoying to really control and being able to guarantee to customers things are OK.
So, wondering if Charles or dczarnecki could update this with a current status?
I did not see anything abnormal on dczarnecki's VSA. I have made a story for a feature request that states the following:
"As a VSA admin I would like to have the option to change the number of days the definition files are out of date before showing a flag on the machines page, so that the flags do not show up so often."
I would like to hear what you think is annoying to control. We have been working hard to improve the quality of all of our products and I personally would like to help with any issues you are having.
I would also be happy to jump on your VSA if you want to see if this flag is working properly for you. Please feel free to email me at firstname.lastname@example.org
This was a huge problem for us - 30-50 alerts per day on just 1200 endpoints.
We wrote our own smart monitor that forces an update of the AV (about 9 products currently) if it reports being out of date and then performs a later check before alerting Kaseya that the definitions are outdated. We're now above 3000 endpoints and get maybe 2-3 AV def alerts a week.
Of course, that may not help with reporting using built-in templates, but by querying the endpoint directly for status instead of what's reported to the agent, the tickets are way down. We also update an agent custom field with the results of the smart monitor, so we do have an alternate reporting method.
An update from my side with better results. Since we installed patch 22.214.171.124 the KAV issues have been drastically reduced. Out of almost 1.000 servers we have only 7 issues we need to look at. In the past we would have seen Definitions out of Date and Not Compliant with Profile problems both in the hundreds.
Workstations are a lot trickier, but it's going in the right direction.