Unable to onboard Protection Engine scanners to centralized cloud console.
search cancel

Unable to onboard Protection Engine scanners to centralized cloud console.

book

Article ID: 197663

calendar_today

Updated On:

Products

Protection Engine for Cloud Services Protection Engine for NAS

Issue/Introduction

After installing SPE 8.0 or later, running the command "cloudmgmtutil.exe -onboard" results in the message:

"Onboarding URL = https://sep-trial.securitycloud.symantec.com/cc?pr_id=XXXXXXXXXX&license_serial_number=XXXXX#/speonboard

Please copy the above URL and paste into the browser to initiate the onboarding process for cloud console."

But when the URL is accessed, an SSL error is displayed instead of the expected onboarding form.

 

 

Cause

Provisioning failed during the onboarding procedure.

Resolution

 

  1. Please open a Global Customer Assistance case.
  2. In the case, reference this KB,
  3. Attach the .slf license file used during the onboarding attempt
  4. Fill out the following template, and add it to the case

    First name:
    Last name:
    Email:
    Company:
    Country:
    Address 1:
    Address 2:
    City:
    State:
    Zip:
    Phone:
    Industry:
    Site ID/support ID:
    Serial Number:



    The information provided will be used to create the initial user account, which will be a super administrator for the organization. That user account will be able to create additional user accounts.


Additional Information

Post-onboarding FAQ

Q1. Once I have my account, how do I enroll scanners? 
A1. https://techdocs.broadcom.com/us/en/symantec-security-software/endpoint-security-and-management/symantec-protection-engine/8-2/Centralized-Console/enrolling-the-scanners-with-the-centralized-consol-v127861589-d4995e33897.html

Q2. How do I change passwords?
A2. Each user should be able to change their own password on (username)>My Account.

https://techdocs.broadcom.com/us/en/symantec-security-software/endpoint-security-and-management/symantec-protection-engine/8-1/Centralized_Console_4/manage-user-accounts-v127941674-d4995e35491.html

Q3. How do I view my scanners to prove definition version?
A3. Navigate within a SPE domain to Assets > Scanners

Q4. How do I export the list of SPE scanners? 
A4. In browser, right click, click "Save As...". In Excel, create a new blank spreadsheet, then on Data tab, click "Get External Data", click From Web, then specify file://(paste full path and filename, including extension). This is a little clunky, but it works.

Q5. Is there no Export to .csv function on the scanners page?
A5. Seems like a separate case for an enhancement request.

Q6. How do I export event data from the centralized console to splunk?
A6. https://techdocs.broadcom.com/us/en/symantec-security-software/endpoint-security-and-management/symantec-protection-engine/8-1/Logs,_Alerts,_and_Reports_9/importing-symantec-protection-engine-events-into-s-v128206670-d4995e35591.html

Q7. How do I export event data from the centralized console to QRadar?
A7. Currently, the API permits support to assist with configuring to permit login and query for events. A similar product, Symantec Endpoint Detection and Response, has an add-in console that installs into QRadar, accepts API credentials from SEDR, then queries for event data from SEDR. Currently, I am not aware of a SPE add-in for QRadar.You would need to craft your own python script to perform these queries. To request BROADCOM to craft a SPE App for QRadar would be an enhancement request.