Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

SEPM not showing proper status of SEP agent.

Created: 06 Aug 2010 | 8 comments
Revenge's picture

I am facing issue related reporting in SEPM. I have check some clients are online, update and connected with SEPM. i am wondering when i checked with SEPM console and its showing same clients offline . After that I have find lots of entries in SEPM. whats going on hare don't
know. i using SEPM MR5 and clients MR6A and same MR5.

Comments 8 CommentsJump to latest comment

P_K_'s picture

Delete a few clients that are showing offline and wait for them to check in. Check them in their respective group  or the default, they should check in.

MCT MCSE-2012 Symantec Technical Specialist (SCTS)

AravindKM's picture

They may be duplicate entries
Try this
to remove the duplicate entries in the SEPM database:
http://127.0.0.1:9090/servlet/ConsoleServlet?Actio...

Ref:remove the duplicate entries in the SEPM

Please don't forget to mark your thread solved with whatever answer helped you : ) Thanks & Regards Aravind

Revenge's picture

After delete few clients that’s not reflecting again SEPM.

AravindKM's picture

Try by clicking on update policy in the client.In the client go to help and support---->trouble shooting and see it belongs to which group client has to appear in the same group in server.If it is showing multiple entry normally among that only one will show online status....

Please don't forget to mark your thread solved with whatever answer helped you : ) Thanks & Regards Aravind

P_K_'s picture

Can get the sylink log from the client?

MCT MCSE-2012 Symantec Technical Specialist (SCTS)

Doug DeMio's picture

FIX:  Symantec Clients not reporting into the Symantec Manager console
 
Overview
There is an issue with the Symantec clients on imaged PC’s not reporting status back to the Symantec Endpoint Protection manager console.  These clients are receiving signature and policy updates from the console, but the console does not recognize these clients as managed systems.  The root cause is a conflict in the Symantec hardware ID’s (lack of uniqueness) on the imaged systems.  In order to correct this, the hardware ID must be deleted in 2 locations, then reboot the PC, which forces Symantec to generate a new, unique hardware ID. 
 
 
Prerequisites:

  • These instructions assume that the Symantec Client is installed.  If not, please install the latest SEP client package
  •  You must be a local administrator in order to make these changes
  •  If performing these updates remotely, the PC must be powered on 

 
The Symantec hardware id is located in 2 places on the PC:
 

  1. C:\Program Files\Common Files\Symantec Shared\HWID\ sephwid.xml

 

  1. Registry:  HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\Symantec Endpoint Protection\SMC\SYLINK\SyLink\HardwareID

 
You must delete the sephwid.xml file, then clear the value from the HardwareID registry key.  After both references have been deleted, reboot the PC and the Symantec Client on the PC will generate a new, unique key.   The sephwid.xml file can be deleted remotely and the registry key value can be cleared remotely, as shown below.   If the user is not logged in, you may also reboot the PC remotely.  These instructions assume that the updates will be performed remotely,  but you may perform these updates while logged onto the PC, using Windows explorer and the regedit utility. 
 
**You may perform these updates remotely while the user is logged on, as the changes will not affect the user experience or become active until the PC has been rebooted.

Revenge's picture

Check another example for diff issue. in SEPM moniter report virus name, colure doesnt match with current data. showing attacker machine infected with w32.sillyFDC & IP adress is 172.28.10.205. but when i mannuly check thier is no such virus as per report said. i think hare i need to be flush SEPM database for stop such kind of issue. what you suggest for me?

check attch & today SEP log file.

SEPM report.jpg SEPM report2.JPG Virus list.JPG
AttachmentSize
09032010.txt 18.73 KB