Troubleshoot common LiveUpdate issues (with flowchart)


Article ID: 177870


Updated On:


Endpoint Protection


How to troubleshoot failed LiveUpdate or definition update issues. 

Common Symptoms

  • Virus definitions are out-of-date
  • Virus definitions are not updating on the Symantec Endpoint Protection Manager (SEPM)
  • Virus definitions are not updating on the Symantec Endpoint Protection (SEP) clients
  • Some Symantec Endpoint Protection clients are not getting definition updates
  • LiveUpdate does not complete successfully


Troubleshooting flowchart

Use the following flowchart to help isolate LiveUpdate issues, and then refer to the details below the chart for further steps.

Troubleshoot communication issues

  1. Ensure that you are able to access the following URLs:
  2. Make sure that the perimeter firewall has exceptions for the web sites above.
  3. If you continue to have trouble, run a packet capture, and contact support for further analysis.

Check connectivity between managers and clients

  1. Perform a SECARS check to test connectivity between Symantec Endpoint Protection clients and the Symantec Endpoint Protection Manager. See Test communications between Endpoint Protection clients and managers.
  2. Troubleshoot communication issues with Endpoint Protection Manager.
  3. Check SylinkMonitor logs for communication errors.

Remove corrupt definitions

See Fix corrupt definitions on Endpoint Protection clients


Check if Symantec Endpoint Protection Manager has the latest definitions

  1. OpenSymantec Endpoint Protection Manager.
  2. Click the Admin Tab.
  3. ClickServers.
  4. Click Local Site.
  5. Click Show Liveupdate Downloads.
  6. Make sure that the date for 32-bit and 64-bit definitions for ‘Virus & Spyware Definitions’ is up-to-date.

Check log.liveupdate and SESMLu.log of Symantec Endpoint Protection Manager

See LiveUpdate and content troubleshooting for the Endpoint Protection Manager.

Check proxy settings in Symantec Endpoint Protection Manager

See Configure the Endpoint Protection Manager to use a proxy server to download content via LiveUpdate.