Integrated Solutions are not showing query results.
Use API commands to verify that Symantec Endpoint Detection and Response (SEDR) receives those API calls and that results are returned.
Using Curl:
curl -X POST -H "Accept: application/json" -H "Authorization: Basic TzJJRC5hdHAtY3VzdG9tZXIuYXRwLWRvbWFpbi5hOXFjZWQ0dGZjcTdva2pjbDA3YjVrN25xczpqYXNsdjZyb3Q4cDd0MW8wN TZma3FtbHZiMG10ZWhoOXFmZw==" -H "Content-Type: application/x-www-form-urlencoded" -d 'grant_type=client_credentials&scope=customer' "https://<SEDR IP>/atpapi/oauth2/tokens"
{ "access_token":"eyJraWQiOiIwOXdoVHNEM1JRV2VISGRXOGR3cXp3IiwidHlwIjoiSldUIiwiYWxnIjoiUlMyNTYifQ.ey JzdWIiOiJ7XCJkb21haW5faWRcIjpcImF0cC1kb21haW5cIixcIm93bmVyX3VyaVwiOlwiXC92MVwvbWRyXC91c2Vyc1wvemp tSGw5Z1VRMG1TSGo2dVdJYWtWZ1wiLFwic2NvcGVcIjpcImN1c3RvbWVyXCIsXCJwcml2c1wiOlwibWFuYWdlX2RvbWFpblwi LFwiY3VzdG9tZXJfaWRcIjpcImF0cC1jdXN0b21lclwiLFwidXJpXCI6XCJcL29hdXRoMlwvY2xpZW50c1wvTzJJRC5hdHAtY 3VzdG9tZXIuYXRwLWRvbWFpbi5hOXFjZWQ0dGZjcTdva2pjbDA3YjVrN25xc1wiLFwiY2xpZW50X2lkXCI6XCJPMklELmF0cC 1jdXN0b21lci5hdHAtZG9tYWluLmE5cWNlZDR0ZmNxN29ramNsMDdiNWs3bnFzXCJ9IiwidmVyIjoxLCJpc3MiOiJpZF9lcG1 wX2kiLCJleHAiOjE0NjYwNjM5NjcsImlhdCI6MTQ2NjA2MDM2NywianRpIjoiWXVSTXRVWmRSZEszazVXNnhYU253QSJ9.3K7 eZOO0oG1QtAA_YkRWQ_OeHxG_m98FI3qdIww0DK2CFsC_rSt1hq5QZxGeX_D803VarzrvDsMR4E26u-sdMY05X12q1p5v- phQWct6ArCtqNCderEJEkHvtu_Xynuytds7vgLKDXx-0IWP1zGtQdffpO7gTW1DVg4gz2P65ymA- iU5eXTRbXjHI6na8cAA__rW3d0k0tEKPVw8RlXHBccWAVRs9F3tJWSw2WHTK4OJyqYg6_nc2uMIciDH01v97ntb7zPY5rsSxN Ior9ipqNLqs__ya93_RO8S8pOR5LSANjROy8PBS-FUA-1hiHStrRCVdQ-R1aX2nO6qMThXmQ", "token_type":"Bearer", "expires_in":3600 }
curl -X POST -H "Content-Type: application/json" -H "Authorization: Bearer eyJraWQiOiIwOXdoVHNEM1JRV2VISGRXOGR3cXp3IiwidHlwIjoiSldUIiwiYWxnIjoiUlMyNTYifQ.eyJzdWIiOiJ7XCJkb2 1haW5faWRcIjpcImF0cC1kb21haW5cIixcIm93bmVyX3VyaVwiOlwiXC92MVwvbWRyXC91c2Vyc1wvemptSGw5Z1VRMG1TSGo 2dVdJYWtWZ1wiLFwic2NvcGVcIjpcImN1c3RvbWVyXCIsXCJwcml2c1wiOlwibWFuYWdlX2RvbWFpblwiLFwiY3VzdG9tZXJf aWRcIjpcImF0cC1jdXN0b21lclwiLFwidXJpXCI6XCJcL29hdXRoMlwvY2xpZW50c1wvTzJJRC5hdHAtY3VzdG9tZXIuYXRwL WRvbWFpbi5hOXFjZWQ0dGZjcTdva2pjbDA3YjVrN25xc1wiLFwiY2xpZW50X2lkXCI6XCJPMklELmF0cC1jdXN0b21lci5hdH AtZG9tYWluLmE5cWNlZDR0ZmNxN29ramNsMDdiNWs3bnFzXCJ9IiwidmVyIjoxLCJpc3MiOiJpZF9lcG1wX2kiLCJleHAiOjE 0NjYwNjM5NjcsImlhdCI6MTQ2NjA2MDM2NywianRpIjoiWXVSTXRVWmRSZEszazVXNnhYU253QSJ9.3K7eZOO0oG1QtAA_YkR WQ_OeHxG_m98FI3qdIww0DK2CFsC_rSt1hq5QZxGeX_D803VarzrvDsMR4E26u-sdMY05X12q1p5v- phQWct6ArCtqNCderEJEkHvtu_Xynuytds7vgLKDXx-0IWP1zGtQdffpO7gTW1DVg4gz2P65ymA- iU5eXTRbXjHI6na8cAA__rW3d0k0tEKPVw8RlXHBccWAVRs9F3tJWSw2WHTK4OJyqYg6_nc2uMIciDH01v97ntb7zPY5rsSxN Ior9ipqNLqs__ya93_RO8S8pOR5LSANjROy8PBS-FUA-1hiHStrRCVdQ-R1aX2nO6qMThXmQ" -d '{ "verb":"query", "limit":1 }' "https://<SEDR IP>/atpapi/v2/events/"
{ "result":[ { ... } ], "next":"NiwyMDR2LTA2LTIwVDIwOjQ2OjE2LjgyN1o=", "total":1 }
With those results you will see that SEDR receives API commands and returns results.
If there are errors please note down the HTTP error code and message, then contact support.