search cancel

Securlets stopped or no longer report data

book

Article ID: 174140

calendar_today

Updated On:

Products

CASB Security Standard CASB Security Premium CASB Security Advanced CASB Audit CASB Gateway CASB Gateway Advanced

Issue/Introduction

CloudSOC / CASB

Either there is no current data or no data after a certain date for specific or all Securlets. There can also be a gap in the reports. The Securlet might have missed a week of reports. 

These Securlets include: 

  • Box
  • Dropbox
  • Office 365 (O365)
  • Salesforce
  • Workday
  • Yammer
  • Amazon Web Services
  • Cisco Webex Teams
  • DocuSign
  • Facebook
  • GitHub
  • G Suite 
  • Jive
  • Microsoft Azure
  • ServiceNow
  • Slack 

Cause

  1. If all Securlets have stopped reporting data, your tenant subscription expiry date has most likely lapsed. The lapsed subscription stops all Securlets. (See 1. Under Solution) 
  2. If a single Securlet has stopped reporting data, or there is a gap in data, a token has most likely expired. The expired token can be caused by the admin user that was used to activate the Securlet is missing or inactive within the SaaS. (See 2. Under Solution) 
  3. If a SaaS' license has been recently renewed, check license subscription. (See 3. Under Solution)
  4. It is also possible that the scan has gotten hung up.

Resolution

  1. For a potential subscription lapse, contact your Sales Engineer to work to get your subscription renewed or updated. Support can let you know your subscription expiration date if you do not know it. 
  2. If a single Securlet has stopped reporting data, confirm that the admin user is active within the SaaS. If the admin user is active, a support ticket needs to be opened for the Symantec engineering team to investigate the Securlet connection. Also open a ticket with the SaaS company (Microsoft, Google, etc.) to check the connection.  
  3. When a license is renewed for a SaaS sometimes there is a mix up and it is set to standard instead of premium. Make sure the license is set to premium.
  4. It is suggested to deactivate the securlet, wait at minimum 30 minutes, and reactivate.