When you try to get a file from Symantec Advanced Threat Protection (ATP) or Symantec Endpoint Detection Response (EDR) to submit to Cynic, the command fails.
When you review the logs, it looks like the command succeeds.
This issue is caused by a misconfigured Symantec Endpoint Protection Manager (SEPM), that causes the ATP or EDR to report a fail for the Get a File request.
Review your SEPM Controller settings.
Verify that no passwords, no host names, nor no IPs have changed.