Error: "Severe Error 2600 - Communication error"

book

Article ID: 170785

calendar_today

Updated On:

Products

Data Loss Prevention Endpoint Prevent Data Loss Prevention Network Monitor Data Loss Prevention Network Prevent for Email Data Loss Prevention Network Discover Data Loss Prevention Network Prevent for Web

Issue/Introduction

Data Loss Prevention(DLP) Enforce console is showing "Severe Error 2600 - Communication error" in system alerts.

File reader log shows:

 "Unexpected error occurred while sending CommandInstruction_C updates to  detection : filereader.

Shipment task has exceeded maximum idle time of 540,000 milliseconds!

Please look at the monitor controller logs for more information."

Cause

The default timeout setting for a detection server to receive updates from Enforce is 540000 milliseconds. If the time it takes for this update to happen exceeds the configured timeout value this error will occur.

One cause for this update process taking longer than the default configured time would be if a policy has a large number of rows in the execution matrix due to compounded conditions/exceptions. This error also indicates the Detection server has probably not received the policy updates from Enforce.

Resolution

Increase the timeout value with the following steps until the error no longer occurs.

Note: The following steps will need to be performed on each of the affected detection servers.

  1. Open the following file in a text editor: \SymantecDLP\Protect\config\ Communication.properties
  2. Find and copy the following line to a new line: data.flow.max.shipping.task.idle.time = 540000
  3. Comment out the original line as follows: #data.flow.max.shipping.task.idle.time = 540000
  4. Edit the new line increasing the value "540000" to the new desired timeout value, e.g.: data.flow.max.shipping.task.idle.time = 700000.
  5. Restart the Monitor service on the detection server.