Symantec Endpoint Protection Manager (SEPM) logs errors or displays HTTP error codes.
The communication channels between all Symantec Endpoint Protection (SEP) components must be open. These channels include:
Learn how to troubleshoot communication issues between the SEPM server and SEP clients or databases.
If you have trouble with communications between Endpoint Protection clients and servers, ensure that there are no general network or network connectivity issues.
You can test the communication between the client and the management server in several ways.
You can check several important connection data values in the client. The dates, times, server address, and port numbers are available for troubleshooting connection problems.
To check connection status data values in the client:
You can view the Apache HTTP server Access log on the management server to check whether the client connects to the management server. If the client connects, the client's connection problem is probably not a network issue.
Network issues include the firewall blocking access, or networks not connecting to each other. You must first enable the Apache HTTP server Access log before you can view the log.
Note: Disable the log after you view it because the log uses unnecessary CPU resources and hard disk space.
#CustomLog "logs/access.log" combined
pingand the computer name of the management server, and then press Enter.
Verify that there are no network problems by checking the following items:
If the client has communication problems with the management server, status messages about the connection problem appear in the client's debug logs.
You can check the debug logs by using the following methods:
HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\Symantec Endpoint Protection\SMC\smc_debuglog_on.
Use the log files ersecreg.log and exsecars.log on the management server to troubleshoot client and server communications. These log files show activity that occurs in the management server inbox.
HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\Symantec Endpoint Protection\SEPM, set
<DRIVE>:\Program Files\Symantec\Symantec Endpoint Protection Manager\data\inbox\log.
<DRIVE>:\Tools\NoSupport\SylinkDropfolder, and run SylinkDrop.exe.
Note: Ensure that the Computer Browser Service is running on the server.
If you have a connection problem with the console or the database, you may experience one of the following symptoms, which display a "Java -1" error in the Windows Event log:
To find the specific cause for the "Java -1" error, review the scm-server log, typically located at
C:\Program Files\Symantec\Symantec Endpoint Protection Manager\tomcat\logs\scm-server-0.log.
sem5. Otherwise, leave Server name blank.
TESTS COMPLETED SUCCESSFULLY!".
You may need to adjust the heap size that is appropriate for the management server's operating system. If you cannot log on to the management server's remote console, or if you see an out-of-memory message in the smc-server log, you may need to increase the heap size.
The default heap size for Endpoint Protection Manager is 256 MB.
Check whether the management server runs multiple software packages that use different versions of PHP. PHP checks for a global configuration file (php.ini).
If there are multiple configuration files, you must force each product to use its own interpreter. When each product uses the correct version of PHP associated with it, the management server operates properly.
Ensure that both the client and the management server meet the Endpoint Protection system requirements.