Eset agent error when pushed

jalcorn
Contributor II

So eset has a script to install the agent which worked great. Now im getting a script error 1. I have no idea whats going on here. Im not getting alot of detail. Anyone else see this?

Sending Wake On LAN command... Opening SSH Connection to 10.10.160.21... Authenticating... Successfully authenticated. Verifying Computer's Identity... The MAC Address has been verified. Checking Operating System Version... Running Mac OS X 10.14 (18A391) Verifying /usr/local/jamf/bin/jamf... /usr/local/jamf/bin/jamf is current (10.7.1-t1536934276) Verifying /usr/sbin/jamf... /usr/sbin/jamf does not exist. Verifying /Library/Preferences/com.jamfsoftware.jamf.plist... Preparing Policy... Executing Policy 2018-10-16 at 3:16 PM | jalcorn | 1 Computer Running script Eset Agent Installer... Script exit code: 1 Script result: Error running script: return code was 1. Submitting log to https://jamf.chathamfinancial.com:8443/ Finished.
1 ACCEPTED SOLUTION

Look
Valued Contributor III

You need the actual KEXT Bundles in there, try adding the following in the lower part.
com.eset.kext.esets-kac
com.eset.kext.esets-mac
com.eset.kext.esets-pfw
com.eset.kext.esets_kac

View solution in original post

44 REPLIES 44

sdunbar
Contributor

@neil.martin83 Thanks for your help, esets_daemon --status gives the following:

RTPStatus=Enabled
ClientVer=6.7.500.0
AVSigsVer=18564 (20181218)
AVSigsDate=2018-12-18T13:11:10
AVSigsServer=http://um02.eset.com/eset_upd/ep6.6/
AntivirusAntispywareModVer=1546 (20181127)
Activation=Activated
AutomaticUpdateSignature=Enabled
StartupScanAfterLogon=Enabled
StartupScanAfterUpdate=Enabled
RTPEventMask=open:exec:create
RTPAdvHeuristic=Disabled
RTPAdvHeuristicExec=Enabled
RTPAdvHeuristicCreate=Enabled
ScanStatistics=Infected:0|Cleaned:0|Deleted:0
RTPStatistics=Infected:0|Cleaned:0|Deleted:0
WarningAlert=Operating system is not up to date

neilmartin83
Contributor II

@sdunbar In that case, my EA's should work with the following tweak to line 3 of the script on each one:

Change this:

esets_daemon="/Applications/ESET Endpoint Antivirus.app/Contents/MacOS/esets_daemon"

Into this:

esets_daemon="/Applications/ESET Endpoint Security.app/Contents/MacOS/esets_daemon"

sdunbar
Contributor

@neil.martin83 I have already done that, as that was the only obvious (to me) difference.

For for example I have

'''#!/bin/bash
esets_daemon="/Applications/ESET Endpoint Security.app/Contents/MacOS/esets_daemon"
if [[ -e "$esets_daemon" ]]; then esetactstatus=$("$esets_daemon" --status | grep Activation | cut -d "=" -f 2) echo "<result>$esetactstatus</result>" exit 0
else''' echo "<result>Not Installed</result>"
fi
exit 0

neilmartin83
Contributor II

Ok - my EAs are intended to be saved from GitHub and uploaded directly into Jamf rather than copy/pasted (the script part) - as it looks like that's what you may have done, judging by the character substitution I can see with the <> symbols. The scripts should look like this:

#!/bin/bash

esets_daemon="/Applications/ESET Endpoint Security.app/Contents/MacOS/esets_daemon"

if [[ -e "$esets_daemon" ]]; then
    esetactstatus=$("$esets_daemon" --status | grep Activation | cut -d "=" -f 2)
    echo "<result>$esetactstatus</result>"
    exit 0
else
    echo "<result>Not Installed</result>"
fi

exit 0

sdunbar
Contributor

@neil.martin83 Ah, yes sorry for being a bit of a numpty!
That is all now working perfectly, thank you for all your help, very much appreciated.