Scheduled scans are cleared on Endpoint Protection for Linux

book

Article ID: 162300

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

User-created scheduled scans with names which begin with the prefix "clientscheduledscan_" are deleted on Symantec Endpoint Protection for Linux clients. The below example shows a scan being created with this prefix.

# ./sav scheduledscan -c clientscheduledscan_1 -f weekly -i Mon -t 1:00 -m 1 /

After creating the scan, it is possible to view the scan's information.

# ./sav scheduledscan -n clientscheduledscan_1
Scan Name: clientscheduledscan_1
Type: Local Scan
Frequency: Weekly - Mon at 1:00
Missed Events: Enabled
State: Enabled
Status: Never run
Files to Scan:
Directories to Scan:
/

Later attempts to view the scan's information fail.

# ./sav scheduledscan -n clientscheduledscan_1

Scan not found

 

Resolution

The scan name prefix "clientscheduledscan_" is reserved and is used when a Symantec Endpoint Protection for Linux client receives a scheduled scan in a policy from the Symantec Endpoint Protection Manager. For this reason, scans created manually by users should not use the following prefixes in the scan name.

1.  ClientServerScheduledScan_
2.  clientscheduledscan_

These prefixes are case-insensitive.