'Get a File' requests from ATP or EDR fail

book

Article ID: 170384

calendar_today

Updated On:

Products

Endpoint Detection and Response Cloud Endpoint Detection and Response Advanced Threat Protection Platform

Issue/Introduction

When you try to get a file from Symantec Advanced Threat Protection (ATP) or Symantec Endpoint Detection Response (EDR) to submit to Cynic, the command fails.

When you review the logs, it looks like the command succeeds.

Cause

This issue is caused by a misconfigured Symantec Endpoint Protection Manager (SEPM), that causes the ATP or EDR to report a fail for the Get a File request.

Resolution

Review your SEPM Controller settings.

Verify that no passwords, no host names, nor no IPs have changed.