You are no longer seeing events in SSIM for the ISS SiteProtector product.

 

The following steps should help resolve the issue. If you have checked all the steps below and still do not get events, contact support.

Check the ISS SiteProtector product

1. Make sure the ISS SiteProtector is generating new events.
2. Check the Application, Security and System logs through the Windows Event Viewer on the database machine for errors regarding ISS and or the database.
3. Check the space available within the database container. If running low, purge old data and make more space available to the database.

Check SSIM Collector

1. Check the Sensor configuration, ensure you have the correct paths to drivers and the ISS database.
2. Ensure you have the correct Symantec Event Agent computer associated with that Sensor
3. Ensure the Sensor username and password you are using to authenticate to the database works by either logging in directly to the database or putting the ISS collector into debug and checking the log to make sure there are no connection or authentication errors.
4. Check the Collector and Agent logs for Java out of Memory errors. This is caused by large event batches from ISS SiteProtector.
   • With the sensor set to to End for the start position, restart the Event Agent and new events will begin to be sent again.