Data Loss Prevention

 View Only

  • 1.  DLP Network Discovery Scans

    Posted Mar 11, 2015 06:41 PM

    In the process of upgrading a client's DLP environment to version 12.5.2 and discovery scans are no longer working since the upgrade from 11.6.2 to 12.0 and then to 12.5.0. Enforce and detection servers are running the same version. The scan starts but nothing actually happens - no files scanned etc. 

    Does anyone now why this might be? Where might I find the appropriate log files to troubleshoot this?

    TIA

    Mark



  • 2.  RE: DLP Network Discovery Scans
    Best Answer

    Posted Mar 12, 2015 07:30 PM
    Sometimes one overlooks the obvious :-) Major upgrade --> reboot the server - despite what the upgrade guide states. Reboot of the Network Discovery server sorted the problem.


  • 3.  RE: DLP Network Discovery Scans

    Trusted Advisor
    Posted Mar 18, 2015 05:56 AM

    hello

     nice you solved your issue, but i will be interested to know why it happens (cause i dont want it to happen to me :) ).

    Did you perform full upgrade (enforce and detection servers) for each step (11.6 to 12.0 and 12.0 to 12.5) ?

    Did a scan was running when you performed the upgrade ?

    You wrote scan was starting, but is there any errors or things like that in UI / logs or just "starting" and nothing more ?

     Regards.



  • 4.  RE: DLP Network Discovery Scans

    Posted Mar 20, 2015 08:20 AM
    1. Enable the Debug and Trace logs for the NDP before scan via the Log menu on the Enforcer.
    2. Start the scan (Remember timestamp)
    3. After the scan, collect the Debug and Trace logs from the NDP and check behaviour by using the timestamp in every log file.