search cancel

central manager logs are showing errors around deserialization of a get_file_for_cynic command

book

Article ID: 174011

calendar_today

Updated On:

Products

Endpoint Detection and Response Advanced Threat Protection Platform

Issue/Introduction

central manager logs are showing errors around deserialization of a get_file_for_cynic command

An error similar to the following may appear repeatedly in central_manager.log or in the logs within the user interface:

com.symantec.atp.model.command.CommandStateNotification$CmdType from String 
"get_file_for_cynic": value not one of declared Enum instance names: 
[delete_file, fdr_search, get_file, get_file_for_sandbox, fdr_full_dump, 
cancel, isolate, rejoin, eoc_search, fdr_process_dump, submit_to_sandbox, 
unknown]

Environment

Any of the following is present:

  • Symantec Endpoint Detection and Response (SEDR) 4.0.0, deployed with either the management server or AllInOne role
  • Advanced Threat Protection (ATP) Platform 3.2.0, deployed with either the management server or AllInOne role
  • ATP Platform 3.1.0, deployed with either the management server or AllInOne role

Resolution

Update to SEDR 4.1.0, which contains a fix for this issue.