Discover scan status stuck at "Loading Policies"
search cancel

Discover scan status stuck at "Loading Policies"

book

Article ID: 160476

calendar_today

Updated On:

Products

Data Loss Prevention Network Discover Data Loss Prevention

Issue/Introduction

The Symantec Data Loss Prevention (DLP)  Discover scan remains stuck in the “loading policies” status with no evidence there is an issue.

The Discover ScanDetail log has little error and/or you do not observe other symptoms except time running accrual without reporting bytes/incidents and/or poor scan performance.

Note: If all policies are withdrawn except for a single keyword policy, the Discover scan completes as expected.

Cause

This can occur when the Discover server assigned the scan does not have enough resources to load the configured policies. Detection Technologies such as Indexed Document Matching (IDM) and Exact Data Matching (EDM) can require significant resources (several GB of RAM) for large data sets.

It also can occur if unable to load components such as indexed items.

Resolution

  • Disable the IDM or EDM based policies, restart Symantec DLP Detection Server Service, and start the scan again. If the scan starts without any errors then assess if the database profile is the problem or the lack of system resources.
  • You may have to perform additional performance tuning on the Discover server to prevent further scan issues. 
  • Check if there are IDM or EDM based policies applied. The IDM or EDM database profiles could be corrupted, or the policies are too large for the DLP implementation. You may also need to make additional adjustments to Java Heap, as the initial settings may be too low and cause issues with loading the policies.
  • Assure that ALL index items are replicated across all servers, as expected, including pre-existing and/or older indexes including those that were non-scheduled, single index items.

See Determining requirements for both local and remote indexers for EDM

Increasing Filereader Memory

If additional resources are available on the system, more can be allocated to the FileReader process. In the Advanced Server settings for the Detection Server, increase the RAM available to file reader:

BoxMonitor.FileReaderMemory = -Xms 1024M -Xmx 4096M