ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.
Syslog shows no events from Advanced Threat Protection
Article ID: 169813
Updated On:
Products
Symantec Products
Issue/Introduction
After enabling syslog reporting, no events from Advanced Threat Protection (ATP) are seen on the syslog server. Running the "test_syslog" command, however, does produce a syslog entry.
ArrayIndexOutOfBoundsException is seen in the central_manager.log.
Cause
The incident_loger.conf file is found to be empty.
Environment
Symantec Advanced Threat Protection 2.0.3
Resolution
This issue is fixed in Advanced Threat Protection 2.3. For information on how to obtain the latest build of Symantec's ATP, see Symantec™ Advanced Threat Protection 3.0 Upgrade Guide.
Feedback
Yes
No
Powered by
