search cancel

Alerts Query Fails for Endpoint Manager collector

book

Article ID: 174748

calendar_today

Updated On:

Products

ICDx

Issue/Introduction

Symantec Endpoint Protection Manager (SEPM) collector shows a warning in the collector log with AlertsQuery in Symantec Integrated Cyber Defense Exchange (ICDx).

2019-05-13 10:43:33,095 [SEPM DB Sensor] WARN  c.s.cas.ucf.sensors.DB.DBLegacySensor - Database query 0010_AlertsQuery failed. Cannot find the object "ALERTS" because it does not exist or you do not have permissions.

Cause

A different account may be in use for the collector, or the correct account does not have the proper permissions.

Environment

  • ICDx
  • SEPM Collector

Resolution

  1. Verify that the account in the collector is a valid SEPM database user.
  2. Verify that the SEPM user has read/write access to the ALERTS table and read-only access to all other SEPM tables.

For information on providing access to SEPM users, see the SEPM Administration Guide for the installed version of SEPM.