Debugging Sylink communications with Symantec Endpoint Protection for Macintosh (SEP for Mac)
|Article:TECH132983|||||Created: 2010-01-07|||||Updated: 2012-08-09|||||Article URL http://www.symantec.com/docs/TECH132983|
SEP for Mac client does not appear in the Symantec Endpoint Protection Manager (SEPM) after installing with a package exported from the SEPM, and you want to know how to troubleshoot heartbeat communication using a method similar to Sylink debug logging on Windows.
- SEP for Mac client does not appear in the SEPM after installing with package exported from the SEPM.
- Connection Status reads: Disconnected
Note: Since Mac clients can only get content via LiveUpdate, Sylink debug logging can't be used to troubleshoot content delivery, only the connection (heartbeat) to the SEPM.
To enable Sylink debugging:
- Within a Terminal window, enter:
sudo /Library/StartupItems/SMC/smclient --debuglevel=engineer
- Authenticate when prompted. The Terminal window will not echo password input.
- Restart the smclient. This is not required to change the debug level but it is a good idea on a managed client to force a check-in and retrieve updated policy settings:
sudo /Library/StartupItems/SMC/smclient --stop
sudo /Library/StartupItems/SMC/smclient --start
- Allow it to run for 10-15 minutes, then reverse changes (authenticating again when prompted) by entering:
sudo /Library/StartupItems/SMC/smclient --debuglevel=none
- Run the GatherSymantecInfo tool and email the results to technical support. This report will include the debug log as well as lots of other useful information. The debug log is otherwise located at:
Permissions on this file is rw-r--r-- (chmod 644) -- should be allowed to copy it to desktop or attach to email.
Indication of a successful communication status will appear in the Symantec Quick Menu:
Title: 'Installing Symantec Endpoint Protection 11 for Macintosh'
Title: 'How to convert an unmanaged SEP for Macintosh client to managed'
Title: 'The SEP for Macintosh SMC service (smcdaemon)'
There are three levels to set for debugging: none, support, and engineer. The output for engineer resembles Windows Sylink logging, with some extra information about scan policy values.
Article URL http://www.symantec.com/docs/TECH132983