5.6.23. `Admin-GUM- Threat DB update` screen of the legacy web UI

After selecting the `Threat DB update` command in the `Admin-GUM` menu, the following screen is displayed.
This screen enables viewing the history and status of the installation:
  • For rule packages downloaded in a scheduled manner

  • For manually downloaded rule packages

The following packages can be downloaded via this interface:

  • malcore package: this package contains only engine and antivirus database updates used by Malcore

  • dga package: this package contains updates to the gdgadetect engine

  • cti package: this package contains CTI engine updates

  • sigflow package: this package contains only Sigflow engine and rule base updates

  • full package (full): this package is the sum of the previous packages

[Image: GUM_UPDATE-01.PNG, screenshot of the `Threat DB update` screen]

Note

The cti.gwp package is updated hourly on update.gatewatcher.com. The other packages (dga.gwp, malcore.gwp, sigflow.gwp) are updated every day. It is not possible to download the full.gwp file in automatic mode.

The `Threat DB update` screen contains the following items:

| Item | Name | Function |
|------|------|----------|
| 1 | `Submit` button | Triggers the installation of the update package |
| 2 | `Parcourir` button | Enables selecting an update package |
| 3 | `Updating DGA` field | DGA engine update progress bar / Last update status |
| 4 | `Updating LIS` field | CTI update progress bar / Last update status |
| 5 | `Updating malcore` field | Malcore engine update progress bar / Last update status |
| 6 | `Loading sigflow` field | Progress bar for the loading of the Sigflow engine rule files / Status of the last update |
| 7 | `Extracting sigflow` field | Progress bar for the extraction of rule files from the Sigflow engine |
| 8 | `Reading the gwp file` field | Progress bar for the integrity check of a loaded package |
| 9 | `Scheduled GUM threat DB update progression` field | Update progress bar: this covers all the steps detailed in the other fields |

In the event of a scheduled update of a package file containing all the rules of a single engine or all the engines:

  • The progress bar in the `Scheduled GUM threat DB update progression` field starts advancing.

  • The progress bar in the `Reading the gwp file` field starts to advance. This means that the file has been downloaded and the system is checking its integrity

  • The progress bars of the `Loading sigflow` and `Extracting sigflow` fields begin their respective progressions. This corresponds to the processing of rule files in the Sigflow engine

  • The progress bar in the `Updating malcore` field begins to progress. This corresponds to the processing of the Malcore engine rule files

  • The progress bar for the `Upgrading LIS` field begins to progress. This corresponds to the processing of the CTI engine rule files

  • The progress bar in the `Updating DGA` field begins to move. This corresponds to the processing of the DGA engine rule files

  • Once the various steps are complete, the progress bar in the `Scheduled GUM threat DB update progression` field finishes its progression and indicates the final processing status

To use a package file from the remote PC, use the `Parcourir` button (2).

Important

In this case, select only a GWP package file for one of the solution's engines.
Hotfix and upgrade packages will not work in this interface.
The engine rule update packages are available at https://update.gatewatcher.com/update/.