Run a wireshark capture on your SEPM.
Set the following filter to check for full.zip downloads:
(frame matches "(?i)full.zip" ) && (tcp.srcport == 8014)
Set the following filter to check for deltas (.dax)
frame matches "\.[Dd][Aa][Xx]" && tcp.port==8014
Either of these will indicate the client is getting updates from the SEPM. If you don't see packets for these filters, it is likely just the client sending back logs.