Download SymDiag to detect product issues
Article ID: 155115
Updated On: 04-07-2025
Products
Issue/Introduction
Download and learn about SymDiag — the Symantec Diagnostic Tool — which identifies common issues and gathers data / logs for support-assisted troubleshooting.
NOTE:
Versions of SymDiag prior to 2.1.320 are unable to update themselves.
Once you have downloaded v2.1.320 or newer, the update capability will be restored.
Resolution
Table of Contents
Download SymDiag
SymDiag for Windows (2.1.324.11293)
- Download SymDiag for Windows.
Save the file to the Windows desktop. - On the Windows desktop, double-click the SymDiag.exe icon.
- Follow the on-screen instructions or consult the Table of Contents below to find further instructions for using SymDiag depending on what you want to accomplish with SymDiag
SymDiag for Linux (2.1.11285)
The method used to gather logs on a Linux system is dependent upon whether the SEP for Linux client or the SES Linux Agent is being used.
SEP for Linux (On-prem install)
- Download SymDiag for Linux.
Right-click this link and choose "Save Target As" or "Save Link As". - Save symdiag.run to a directory on the computer.
- Mark the file as executable to run as superuser.
sudo chmod +x ./symdiag.runsudo ./symdiag.run
- Follow the on-screen instructions.
SES Linux Agent (cloud managed)
Use the Get Agent Info script to collect SES Linux Agent logs.
Run the following command from a terminal:
cd /opt/Symantec/sdcssagent/IPS/tools; ./getagentinfo.sh
SymDiag for macOS
SymDiag for macOS is not available. Instead, download one of the following:
- Download wssa-diag.sh for issues with WSS Agent or Unified Agent
- Download GatherSymantecInfo for issues with other Symantec products
Diagnostic .cloud for Edge Secure Web Gateway (formerly ProxySG)
Additional diagnostic resources are available at Diagnostic .cloud for the following Network Protection products:
- Edge Secure Web Gateway (formerly ProxySG)
SymDiag Viewer for Windows (2.1.324.11291)
- Download SymDiag Viewer for Windows.
Save the file to the Windows desktop. - On the Windows desktop, double-click the SymDiagViewer.msi icon.
- Follow the on-screen instructions to install the SymDiag Viewer
- Double click on any *.sdbz file and the file will be opened in the SymDiag Viewer
SymDiag for Windows v3 Beta
The SymDiag for Windows v3 Beta is available for testing.
***NOTE: This is a beta version, keep this is mind when using this version. For SEP, use the latest v2.x version as there are currently known issues with data collection.
File Legend
The following table lists all files in the Attachments section at the bottom of this page, including the ones listed above.
|
Product File |
Version File |
Product |
| SymDiagViewer.msi | SymDiagViewerVer.txt | v2 SymDiag Viewer |
| symdiag.run | SymHelpLinux_SymcRCVer.txt | v2 SymDiag for Linux |
| SymDiag.exe | SymcSTVer.txt | v2 SymDiag for Windows |
| sdupdate.dat | v2 database update file | |
| SymDiagViewer3.msi | SymDiagViewer3.json | v3 SymDiag Viewer |
| SymDiagWin.exe | SymDiagWin.json | v3 SymDiag for Windows |
| SymDiagLinux.run | SymDiagLinux.json | v3 SymDiag for Linux (coming shortly) |
| SymDiagUpdate.dll | SymDiagUpdate.json | v3 SymDiag update file (coming shortly) |
About SymDiag
The Symantec Diagnostic Tool (SymDiag) is a multi-product, multi-language diagnostic, and security analysis utility. SymDiag provides self-help support for Symantec product technical issues, zero-day threat analysis, best practice recommendations, and proactive services to customers.
If you require further assistance, SymDiag lowers the level of effort and increases efficiency by automating data gathering and support case submission.
Supported products
SymDiag supports the following Symantec products:
- Advanced Threat Protection (Linux)
- Auth Connector
- Authentication and Authorization Agent
- Data Center Security Agent
- Data Insight
- Data Loss Prevention 11.0 and later
- Encryption Powered by PGP
- Endpoint Encryption
- Endpoint Protection 11.0 and later*
- Endpoint Protection Small Business Edition (.Cloud)
- Endpoint Protection Cloud
- Enterprise Agent
- Information Center Analytics
- Information Centric Tagging
- Mail Security for Microsoft Exchange 6.5.2 and later*
- Management Platform
- Optical Character Recognition
- Protection Engine
- Unified Agent/Web Security Service Agent
- VIP Access
- Web Cloud Protection
- Web Gateway
- Web Security Service
*SymDiag includes reporting on license status for this product. See About the Licensing Dashboard in SymDiag.
Supported operating systems
Windows
SymDiag runs on the same Windows operating systems that Symantec products that function with SymDiag support.
On Windows 2008 R2 Server Core, run SymDiag with the following command-line switch:
-net2
Linux
The following x86 and x64 Linux distributions are supported.
| Distribution | Minimum Version |
|---|---|
| RedHat Enterprise Linux | 6.5 |
| CentOS | 6.5 |
| Fedora | 16 |
| Oracle Linux | 6.5 |
| Debian | 6.0.5 |
| Ubuntu | 11.10 |
| SUSE | 11.0 |
| Novell Open Enterprise Server | 11.0 |
Command-line and remote deployment
SymDiag comes with many command-line parameters, and you can remotely deploy SymDiag.
- SymDiag command-line parameters
- Run SymDiag for Linux on Symantec Appliance
- Remotely Deploy SymDiag
- Deploy SymDiag using the Client Deployment Wizard in Endpoint Protection Manager
Self-help reporting
Before contacting Support, you can identify Symantec product issues, licensing status and identify best-practice configurations of your Symantec product. You can also attempt to identify suspicious files and start an investigation into whether they are zero-day threats.
Proactive Services - Best Practice Reporting
Threat Analysis Scan
Licensing Dashboard
- How can I check the status of my Symantec product license in SymDiag?
- What is the Licensing Dashboard in SymDiag?
Data collection for Support
You can run SymDiag on computers to produce self-help solutions, as well as collect data for support cases with Symantec.
Debug Logging
- How can I use a wizard to collect debug logging data for a Symantec Support case?
- How can I use advanced debug logging options for the Symantec Endpoint Protection client?
- How can I configure command-line debug logging in SymDiag for Symantec Endpoint Protection?
Delivering data to Support
Use SymDiag to gather data on relevant computers for support cases with Symantec. SymDiag lets you deliver that data directly into a new or existing support case.
- How can I create or update support cases with data collected by SymDiag?
- How can I attach additional files to a support case with SymDiag?
- How can I provide data to Symantec Support when SymDiag won't complete?
Windows Root Certificate Requirement
SymDiag requires a root certificate to be auto installed by the Windows OS and that the OS supports SHA-2 code signing certificates.
If these requirements are not met, SymDiag will display an error message of "Failed to launch Symantec Diagnostic Tool".
This issue can be resolved by following the steps in the article Failed to launch Symantec Diagnostic Tool.
Release Notes
Build 2.1.324.11293 (02/07/2025) - SymDiag
Build 2.1.324.11291 (02/07/2025) - Viewer
Build 2.1.322.11287 (08/19/2024)
| Key | Component/s | Summary |
| SUPOPS-895 | SymDiag | Remove debug message for download failure |
| SUPOPS-1104 | SymDiag | Null value in ScDeviceGuard.SetDeviceGuard |
| SUPOPS-1093 | SymDiag | Remove v2 reports that are not used in v3 |
| SUPOPS-1359 | WSS | Pickup new files wss-agent-routing-*.log |
Build 2.1.320.11285 (10/31/2023)
| Key | Component/s | OS | Summary |
| SUPOPS-880 | SymDiag, Viewer | All | Unable to update to newer versions |
| SUPOPS-882 | SymDiag | Windows | Remove uploading to a Wolken case |
| SUPOPS-869 | Viewer | Windows | Change Viewer Menu location |
| SUPOPS-726 | SEP, SEPM | Windows | Update version checking for 14.3 RU7 and RU8 |
| SUPOPS-810 | PE | Windows | Unable to detect PE if symcscan service ImagePath has -debug |
| SUPOPS-883 | DLP | Windows | Database is locked error is logged after testing DLP Enforce password |
| SUPOPS-735 | DLP | Windows | Incorrect version of DLP detected after upgrade |
Build 2.1.318.11278 (06/14/2023)
| Key | Component/s | OS | Summary |
| SUPOPS-423 | SED | Windows | Collect the encryption status of PGP |
| SUPOPS-422 | SEE | Windows | Collect the encryption status of SEE |
| SUPOPS-661 | SEP | Windows | Add additional logging details to the error "Unable to validate ccSettings database" |
| SUPOPS-700 | SEP | Windows | Add Edge Browser Extension related info |
| SUPOPS-725 | SEP | Windows | Add SETTDAD-TRAPS wpp provider with a default of disabled |
| SUPOPS-664 | SEPM Config Review | Windows | Protection Overview has sections that only show 52 rows. Display the full data in the Viewer. |
| SUPOPS-636 | SymDiag | Windows | Capture native/wow64 registry key and values from ...\Windows NT\CurrentVersion\AeDebug |
Build 2.1.316.11253 (01/30/2023)
| Key | Component/s | OS | Summary |
| SUPOPS-632 | DLP | Windows | Unable to parse DLP version from path that has a number in a sub directory |
| SUPOPS-627 | DLP | Windows | Capture the Data Loss Prevention registry key and values |
| SUPOPS-580 | DLP | Linux | Update for DLP 16 Linux release |
| SUPOPS-607 | DLP, Viewer | Windows | Update Symantec articles in section 6.3.10 JAVA Memory Settings to a newer kb |
| SUPOPS-603 | DLP, Viewer | Windows | Old Oracle server information |
| SUPOPS-604 | DLP, Viewer | Windows | Remove Processor Speed findings for Enforce and Detection servers |
| SUPOPS-606 | SEP | Windows | Update url responses for report checking if SEP Symantec servers are working. |
| SUPOPS-605 | SEP | Windows | Remove 'Symantec Endpoint Protection (Small Business Edition)' entries from Search Kbs and Product landing sites |
| SUPOPS-585 | SEPM | Windows | SEPM report for configured ports is incorrect for custom port |
| SUPOPS-619 | SMSMSE | Windows | Exchange build numbers of 15.x are not mapped to correct Exchange versions |
| SUPOPS-608 | SymDiag | Windows | Command line option debuglog filepath does not create log file in filepath |
| SUPOPS-631 | SymDiag | Windows | Collect all reg values from Windows NT\CurrentVersion |
| SUPOPS-628 | SymDiag | Windows | Pickup the latest etl2pcapng |
| SUPOPS-609 | SymDiag | Windows | Null exception in SelectProductVM.CheckMatchingProducts |
| SUPOPS-630 | SymDiag | Windows | Collect HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders |
Build 2.1.314.11248 (11/11/2022)
| Key | Component/s | OS | Summary |
| SUPOPS-601 | DLP | Windows | Update System requirements for supported OSes |
| SUPOPS-602 | DLP | Windows | Update versions for 16 |
| SUPOPS-597 | SEP, SEPM | Windows | Update for 14.3 RU6 release |
| SUPOPS-598 | SEP, SEPM | Windows | Update System Requirements for newer versions of Windows |
| SUPOPS-299 | SEP, WSS | Windows | Collect "verbose" data for NTR by default |
| SUPOPS-584 | SEP, WSS | Windows | NTR trace logs not included if it is disabled |
| SUPOPS-595 | SEP, WSS | Windows | When Ntr runs collection of ipconfig and nslookup, the command does not exist |
| SUPOPS-590 | SEP, WSS | Windows | Report RHC_ProtectionStatus is not run when NTR is enabled |
| SUPOPS-589 | SEP, WSS | Windows | BNS Connection is not collected when NTR is enabled |
| SUPOPS-600 | SEP, WSS | Windows | If NTR is installed and disabled, exception when checking pac file integrity is logged |
| SUPOPS-591 | SEP, WSS | Windows | WssLatency is not collected when NTR is enabled |
| SUPOPS-599 | SEP, WSS | Windows | If NTR is installed and disabled, exception getting NTR latency is logged |
| SUPOPS-593 | SEP, WSS | Windows | Change Latency results from a text file to a DbVar and display in view ...\Other Data\Latency |
| SUPOPS-588 | SEPM Config Review | Windows | Add Windows Vista to Config Review's Legacy Windows report |
| SUPOPS-499 | SymDiag | Linux | Collect Linux commands into a table for setting up SUDO permissions |
Build 2.1.312.11245 (10/04/2022)
| Key | Component/s | OS | Summary |
| SUPOPS-583 | SEP | Windows | Scan hangs if xml value is not found when running GetPolicyClientControlMode |
| SUPOPS-514 | SEP | Windows | WPP logging fails to initialize due to existing file |
| SUPOPS-507 | SEP | Windows | Display Final GEH exceptions from ccSettings as a list |
| SUPOPS-568 | SEP | Windows | Add SETDAD_MINIDM_WPP_GUID to WPP list |
| SUPOPS-570 | SEP | Windows | Collect SEPInstallTraceSession.etl for SEP Windows |
| SUPOPS-579 | SEP | Windows | Cloud Client warns that feature is in mixed mode |
| SUPOPS-578 | SEP | Windows | Exception in WtrInformation when accessing database in background thread |
| SUPOPS-582 | SEP,SEPM | Windows | Update version for Sep 14.3 RU5 (Refresh 2) release |
| SUPOPS-365 | SEPM | Windows | SEPM Top 5 intrusion query errors with an arithmetic overflow error converting expression to data type int |
| SUPOPS-553 | SMSMSE | Windows | Collect permissions for folders and registry |
| SUPOPS-552 | SMSMSE | Windows | Update for SMSE 7.09 and 7.10 |
| SUPOPS-565 | SMSMSE | Windows | Add SMSMSE Quar Admins to Console Permission report checks |
| SUPOPS-566 | SMSMSE | Windows | .Net v4.8 is reported as an error for SMSMSE requirements report |
| SUPOPS-540 | SPE | Windows | Add CSAPI logging to SPE Windows |
| SUPOPS-535 | SPE | Windows | Add WPP logging to SPE Windows |
| SUPOPS-554 | SymDiag | Windows | Exception in Symantec.Diag.Ui.Net3.AppUi3..cctor |
| SUPOPS-557 | SymDiag | Windows | If SymDiag is running in silent mode and it is not able to verify the certificates, a UI error is displayed |
| SUPOPS-555 | SymDiag | Windows | Update copyrights |
| SUPOPS-574 | SymDiag | Windows | Exception when parsing SID names |
Build 2.1.310.11238 (08/11/2022)
| Key | Component/s | OS | Summary |
| SUPOPS-538 | SEP | Windows | Exception if Cloud Server connection, but no cloud policies |
| SUPOPS-533 | SEP | Windows | SEP 14.3 RU5 Cloud API to get policies fails |
| SUPOPS-551 | SEP | Windows | SymDiag does not collect debug and wpp logs when using the -s -enable command line options |
| SUPOPS-530 | SEP, SEPM | Windows | Add 14.3 RU5 refresh as new version for SEP |
| SUPOPS-503 | SEPM | Windows | Error converting data type nvarchar to numeric when collecting information about a sep client |
| SUPOPS-527 | SPE | Windows | Update SPE OS requirements for System Requirements report |
| SUPOPS-542 | SPE | Windows | Collect Stargate logs for v8.2 |
| SUPOPS-543 | SPE | Windows | For service report, remove symcmicrodefsmgr if 8.2 or greater |
| SUPOPS-544 | SPE | Windows | Remove 7.8 from install requirement strings |
| SUPOPS-545 | SPE | Windows | Remove excess spaces from PE's file version |
| SUPOPS-546 | SPE | Windows | Collect Common Agent Framework files |
| SUPOPS-528 | SPE | Windows | Update SPE supported versions for latest version report |
| SUPOPS-532 | SymDiag | Windows | Collect Internet Settings from the registry |
| SUPOPS-550 | WSS | Windows | The WSS SSL Root Certificate report incorrectly reports that the certificate is not installed if more than 1 certificate is installed |
Build 2.1.308.11236 (06/21/2022)
| Key | Component/s | OS | Summary |
| SUPOPS-530 | SEP, SEPM | Windows | Add 14.3 RU5 as new version for SEP. NOTE: 2.1.308 is required for full support of SEP 14.3 RU5. Earlier versions may not collect all SEP data, have report errors and not enable SEP debugging. |
Build 2.1.308.11235 (06/07/2022)
| Key | Component/s | OS | Summary |
| SUPOPS-153 | DLP | Windows | DLP Agent enable / disable FINEST logging |
| SUPOPS-484 | DLP | Windows | Add etw guids for vrtam.sys and vnwcd.sys |
| SUPOPS-520 | DLP, Viewer | Windows | Update Enforce Oracle Server version information in config review |
| SUPOPS-510 | SED | Windows | Latest versions of Endpoint Encryption and Encryption Desktop |
| SUPOPS-525 | SEE | Windows | Win Server 2019 is reported as not supported for see |
| SUPOPS-524 | SEE | Windows | Endpoint Encryption Management Server reports CLRtypes not installed when they are. |
| SUPOPS-470 | SEP | Windows | Collect additional hardening files for RU4 |
| SUPOPS-513 | SEP | Windows | Unexpected installation report error |
| SUPOPS-526 | SEP | Windows | SymDiag exits while running ScCloudPolicyVersions script command |
| SUPOPS-495 | SEP | Windows | Change how SEP Information Features are displayed. Now shown as Features and as Protections |
| SUPOPS-489 | SEP | Windows | Parse SEP 14.3 RU4 Application Hardening log (AsrMan.log) |
| SUPOPS-488 | SEPM | Windows | Proactive and Config Review report an error when checking on the latest version |
| SUPOPS-494 | SymDiag | Windows | MSI Applications missing apps that are only in Uninstall key |
| SUPOPS-485 | SymDiag | Windows | When Sql Server is not installed, try to collect install log files |
| SUPOPS-511 | SymDiag | Windows | Update 3rd party software |
| SUPOPS-506 | WSS | Windows | WSS Pac file is not downloaded |
Build 2.1.306.11230 (02/07/2022)
| Issue key | Component | OS | Summary |
| SUPOPS-478 | DLP | Windows | Update DLP Version |
| SUPOPS-173 | DLP | Windows | Collect Debug Output Strings for DLP |
| SUPOPS-447 | DLP | Windows | Unable to identify Enforce version when installed to a custom directory |
| SUPOPS-459 | SED | Windows | SED 10.5 MP3 released |
| SUPOPS-479 | SEE | Windows | Update SEE version |
| SUPOPS-458 | SEP | Windows | Could not find a part of the path after saving the SBDZ |
| SUPOPS-464 | SEP | Windows | SymDiag can crash if try to delete an invalid Common Client value |
| SUPOPS-476 | SEP, SEPM | Windows | Update EP 14.3 RU4 version |
| SUPOPS-480 | SMSMSE | Windows | Update SMSMSE Version |
| SUPOPS-477 | SymDiag | Windows | Update Sql Server Versions |
Build 2.1.304.11227 (01/27/2022)
| Issue key | Component | OS | Summary |
| SUPOPS-468 | Viewer | Windows | EO WebBrowser license error when using public decrypt server |
| SUPOPS-475 | SymDiag, Viewer | Windows | Not able to connect with reputation server |
Related terms: symhelp, symhelpexe,symantec help
Feedback
