Error 3900: Internal Communications error
search cancel

Error 3900: Internal Communications error


Article ID: 170745


Updated On:


Data Loss Prevention Enforce


System alerts generated in the Enforce console for an error with the connection to the DLP Endpoint server:

"Internal communications error. Please see Aggregator.log for errors. Search for the string TC - Unexpected Exception"

Ther aggregator provides detail information on the agent connection.

File: Endpoint_Server\logs\debug\Aggregator5.log
Date: 11/2/2017 6:40:50 PM
Method: log
java.lang.IllegalStateException: SSLEngine already closed
    at org.jboss.netty.handler.ssl.SslHandler.wrap(
    at org.jboss.netty.handler.ssl.SslHandler.handleDownstream(
    at java.util.concurrent.ThreadPoolExecutor.runWorker(
    at java.util.concurrent.ThreadPoolExecutor$
TC - Unexpected exception  for connection number 1898, '<endpoint agent>' at 2017-11-02 06:40:50. Write failed.Connection statistics


Seen in DLP 14.6, 15.5, 15.7, 15.8


This happens because the connection to the agent was lost unexpectedly. The server didn't gracefully close the connection. We generate a system event upon unexpected connection closures.

The error is reproducible.  Killing the connection during communication between the endpoint agent and the endpoint server should reproduce the error.

This has also been found to be caused by <> set to 10 in the agent config.


This is possibly caused by a misconfiguration in the agent configuration.  Try creating a new agent config and leaving the advanced agent configuration as close to the default as possible. 

The nature of this error is not something that we can change (probably).  If this error persists after updating the agent config, then it will have to be an expected event for the environment.

Try setting the polling interval back to the default of 900.