Anyone else having an issue with the detections page being blank for all endpoints? I've reset all views and filters and still nothing, checked on a few other user's accounts as well and it's blank for everyone. Seems to have happened with the 9.2 upgrade.
bctirado We have the same problem, forgot to open a support ticket but thanks for reminding me :( It seems that KAV is having major problems with R9.2 (community.kaseya.com/.../21639.aspx)
We had this issue, resolved itself when we upgraded to 184.108.40.206 though I don't recall any specific mention of a fix for this.
Good tip, I updated and the detections are back. Thanks!
I just read the patch release notes, can't find any mention of this one, not in patch 5, 6 or 7.I happened to ask about changes in 220.127.116.11 but they insist only one thing was fixed.We have the 18.104.22.168 patch active that was pulled, so only miss 22.214.171.124 and I can't open detections at all.I'm getting time-out errors now, so maybe something is going on here, but I'll check back on Monday.
So, today I'm seeing normal numbers of Detections for selected machines.
It seems patch 126.96.36.199 and 188.8.131.52 should be the patch level to fix this issue.
Patched to 184.108.40.206 yesterday and still Detections is blank *sigh*
Does the screen even report a few seconds of "Loading" before going blank?That's what I was getting before, but that is now OK after restarting the Kaseya Anti Virus service on our VSA.
Could also have something to do with the KAV queue not reporting to the table that holds the Detections.In SQL you should have a filled table kav.ThreatDetection, for us the number is almost half a million
OudjesEric It does the loading and it takes a while but nothing comes up, no filtering used.
220.127.116.11 did fix the MS Msg Queue problem it seems. kes.service Queue messages is empty, but subscriptions has 129 "stuck" messages with label "Rhino.ServiceBus.Messages.AddSubscription" as does kam.service. I wonder if it's safe to purge them? They are all two days old so they've gone into the queue just before the update to 18.104.22.168
I could not find kav.ThreatDetection, but I found that kav.vThreats has data.
I was looking the Views, but kav.ThreatDetection is under Tables :)
I restarted Kaseya Antivirus Service and the Msg Queue problem is back *sigh* Can you somehow automate the queue purging? And you'd also need to automate the sql truncate...
Doing a default reset of the queue may not be the best option.The queue contains information from agents that needs to go into the Kaseya database.
Resetting the queue temporarily breathes life into KAV events, but does that by throwing away information.So, that means you may miss valuable information, like virusses found on scans.
Thinking back on the things that were done on our Kaseya server, I neglected to mention an important change.In a fix that was installed some 2 weeks ago, some communication from agents is not sent through the queue mechanism.This was needed in our case, because some errors have the effect of blocking further processing of the queue.The fix creates a logfile that catches these communication errors and keeps the queue from getting blocked.
I don't have a ticket number that logs this fix somehow, so not sure how you could get this fix as a temporary workaround.
OudjesEric Thanks for the info, I guess it's finally time to bother the kaseya support ;)
Here are the steps to take:
USE ksubscribers DELETE FROM kav.unprocessedclientevent DELETE FROM kav.clienteventdeadletter DELETE FROM kam.unprocessedclientevent
Note: Again, this is not a full fix, simply a momentary relief that you can take in order to help at the moment. This issue is prioritized by Engineering and they are working on it.