Within the portal for Email Security.cloud, Email Track and Trace shows one or more messages with attachments that were detected as malware. However, these malware detection events do not appear in the Events page of the Advanced Threat Protection (ATP) Platform after one hour passes.

No error message is visible in the UI of the ATP appliance.

On the Settings> Global Settings page of the ATP UI, the Synapse correlation is enabled.

The status of the Email Security.cloud correlation is Healthy.

To diagnose this matter, please upload logs within the command line interface (CLI) of ATPP, then open a technical case with Symantec Technical Support for assistance.

To upload log evidence

1. Within the CLI, log in as admin.
2. Type: gather_logs
3. When the command is complete, type: bsupport
4. Copy the UUID from the output of the bsupport command, and paste that into the support case to permit support to locate and process the log evidence.