cancel
Showing results for 
Search instead for 
Did you mean: 

Software Updater logs

Highlighted
Scholar

Software Updater logs

Hi,

 

[Client Security Premium 11.6 on Win7 and 8.1]

 

We have the Software Updater set to "ask user" to reboot, and to force a reboot only after five days. However, some machines are still restarting without asking and without the five day window elapsing - it happens shortly after the Software Updater's scheduled installation time, which is why we think it's the culprit.

 

Are there any Software Updater logs on the endpoint to say what was installed at a given time and why the decision to forcibly reboot was made?

 

Many thanks,

alec

4 REPLIES 4
Community Manager
Community Manager

Re: Software Updater logs

You can find the most of the software updater related logs on the end-point under C:\ProgramData\F-secure\Logs\FSOFUPD

 

Let us know the results of your investigation or if you need further assistance.



Best Regards

-Ben

_________________________________

Has somebody helped you? Say thanks by giving likes. Has your issue been solved? Mark the post using "Accept As Solution" button to let others know.
Scholar

Re: Software Updater logs

Hi Ben,

 

Thanks for the tip :)

 

I'm looking for the line that says "I forcibly rebooted this computer in direct contradiction of policy because...." Any idea what I should be looking for?

 

There are a few lines that look like this in fssua.log:

 

1 90C 14/11/19 00:00:36 Installation status explanation: Type: return code (1), Id: 55, Status: pending reboot (3), Return code: 3010, Timestamp: 0

 

...but I've not found a smoking gun just yet!

 

alec

Scholar

Re: Software Updater logs

Here's the Smoking Gun, from the Windows eventlog:

 

The process C:\ProgramData\F-Secure\FSOFTUPD\deploy\SafeReboot.exe (COMPUTER) has initiated the restart of computer COMPUTER on behalf of user NT AUTHORITY\SYSTEM for the following reason: Application: Installation (Planned)
Reason Code: 0x80040002
Shutdown Type: restart

Now, the question is, why'd it do that when the policy is set to Ask User?

 

Many thanks,

alec

Community Manager
Community Manager

Re: Software Updater logs

Hello Alecw,

 

In order to fully understand what happened there, could you open a support ticket, providing and fsdiag of the impacted machine?



Best Regards

-Ben

_________________________________

Has somebody helped you? Say thanks by giving likes. Has your issue been solved? Mark the post using "Accept As Solution" button to let others know.