Symantec Antivirus for Linux (SAVFL) with SAVFL Reporter is not able to upload the logs to the Symantec Endpoint Protection Manager (SEPM).
| Article:TECH164020 | | | Created: 2011-07-06 | | | Updated: 2012-08-21 | | | Article URL http://www.symantec.com/docs/TECH164020 |
Problem
Information from a Symantec Antivirus for Linux (SAVFL) client does not appear in the Symantec Endpoint Protection Manager (SEPM) though the optional SAVFL Reporter has been installed.
Error
Symptoms:
- LogSender log on SAVFL client shows following errors:
[2011-06-16 17:33:19 logsender ERROR] HTTP ping failed with status 555 Permission Denied
[2011-06-16 17:33:19 logsender ERROR] reporter server http://SEPM/Reporting does not appear to be online, returning
Note: The LogSender log is located in opt/Symantec/ReportingAgent/Linux
Example name: logsender_2011-06-29.log
- SAVFL version is sav-1.0.10-26 or higher
- SAV Reporter 1.0.10 is installed and configured properly on Linux machine.
Note: Reported.ini contains correct Reporting url.
- Once another SEPM server is set up in the Reported.ini file, the logs get uploaded correctly.
- SEPM is configured to receive the legacy logs.
Note: Legacy logs from Symantec Antivirus for Windows are getting uploaded successfully.
- Integrated login option is not enabled on the SEPM’s Reporting
Cause
The option for legacy log upload was not migrated correctly during the SEPM server upgrade.
Solution
Disable the legacy upload option
- From the Symantec Endpoint Protection Manager Console page, under "Security Status", click Preferences
- Click Logs and Reports
- Uncheck the radio button under "Legacy Support", Upload Symantec AntiVirus version 10.x log files
- Restart IIS
Enable the legacy upload option
- From the Symantec Endpoint Protection Manager console page, under "Security Status", click Preferences
- Click Logs and Reports
- Check the radio button under "Legacy Support", Upload Symantec AntiVirus version 10.x log files
- Restart IIS
|
|
Related Articles
Article URL http://www.symantec.com/docs/TECH164020
Terms of use for this information are found in Legal Notices
Thank you.