How to verify an Endpoint Agent is communicating with a Endpoint Server
search cancel

How to verify an Endpoint Agent is communicating with a Endpoint Server


Article ID: 159537


Updated On:


Data Loss Prevention Endpoint Prevent Data Loss Prevention


You have deployed an endpoint agent (any version), and have not seen it checked in to the Agents Overview section, nor have you seen any incidents created from this agent.


You may first want to check out port connectivity from the endpoint agent to the endpoint server via a telnet test.

Additionally you can use the windows netstat utility to see if the endpoint agent has an "established" connection or not.

Example information

If your Endpoint server IP address is,  You can perform the following telnet test from a endpoint agent that is not checking in.


open a Command window:

telnet 10443


Another good test you can perform from the Endpoint Server is a netstat test which will show you what ports are connected/established or listening.

The endpoint server should be listening on port 10443 ( LISTENING),  The endpoint agent, if connected will show ESTABLISHED on port 10443

Example From Endpoint server:  

C:\>netstat -aon | find "10443"
  TCP                         LISTENING          2192
  TCP      ESTABLISHED     2192
  TCP     ESTABLISHED     2192
  TCP     ESTABLISHED     2192

(Note that pre DLP version 12.5 your Endpoint Agents may be communicating on port 8000)


To test the endpoint agent's ability to communicate with the endpoint server, use the following command

telnet 10443

It is unreliable to test netstat on the Endpoint Agent as this will only show established if the Agent is actively transferring data from the endpoint server.  You will not observe any output on the endpoint agent port otherwise.  Endpoint agents attempt a connection with the endpoint server as per the agent Polling interval.  This interval is located in the advanced settings of the agent configuration (