Auto-update signatures on IDSM

Unanswered Question
Apr 9th, 2008
User Badges:


Today I got my licenses for my IDSM and started to set the module up for auto update. The module seems to download and install service packs from my FTP but doesn't touch the updated signatures stored in the same directory as the service packs.

I was under the impression that auto update would also update the signatures. Am I all wrong our have I missed something?


Fredrik Hofgren

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
marcabal Wed, 04/09/2008 - 06:19
User Badges:
  • Cisco Employee,

The auto update should be able to auto install the signature updates.

Possible Issues to check:

1) Be sure to let the sensor go through 2 auto update cycles. If both service packs and signature updates exist in the directory the sensor will auto download the service pack on the first cycle. Once the latest service pack (or major or minor) has already been installed then on the Next auot update cycle it should download and install the latest signature update.

2) It may be erroring out on installation of an upgrade. Look at your sensor configuration and determine what time your sensor should perform the next auto update cycle.

Just before the cycle starts execute "show events" on the CLI and watch for any status or error events during the auto update.

If the auto update has already passed then use the CLI (or IDM) to look for the status and error events that happened during the last auto update.

If the status event says that no updates are found, then it is not recognizing any newer update needing to be applied. Verify that the updates in the directory are higher sig levels than what is already on the sensor. And verify that the filenames match exactly the names as seen on (including capitalization).

If the status says that an update was found and an installation started, then check for further events to see if the installation was successful or failed.

If successful then the auto update is working, and just check it again next cycle.

If the installation failed, then see what the error was and try to fix the error before the next auto update cycle.

The sensor will retry that same update on the next cycle. So if it keeps failing that installation it will keep retrying it each cycle.

NOTE: If the installation fails on a service pack, then it will Not proceed to try a signature update until the service pack can be applied.


This Discussion