How to collect logs for Symantec Cloud Workload Protection for Storage on Amazon AWS

book

Article ID: 198170

calendar_today

Updated On:

Products

Cloud Workload Protection for Storage Cloud Workload Protection for Storage DLP

Issue/Introduction

I need to collect logs from the Cloud Workload Protection for Storage (CWP:S) running Amazon AWS for troubleshooting purposes.

Resolution

SSH to the CU, and run the following commands:

sudo su
cd /usr/local/symantec/spe/settings/
sh cufilescollector.sh

Then SSH into the PU(s) and run the following commands:

sudo su
cd /usr/local/symantec/spe/settings/
sh pufilescollector.sh

The above steps will create a folder named as “cwps-blackbox” at “/home/centos/” directory on each machine, with required logs. Copy the cwps-blackbox folders to the local machine, zip them and send it to support case for analysis.

Additional Information

If you did not deploy the Controller Unit with a combined Protection Unit, you should see the following errors when running the cufilescollector.sh:

cp: cannot stat ‘/opt/SYMCScan/log/*.log’: No such file or directory
cp: cannot stat ‘/opt/SYMCScan/bin/category3.xml’: No such file or directory
cp: cannot stat ‘/usr/local/symantec/spe/spe-s3-protection-adapter-service/logs/*’: No such file or directory

These errors are expected as these files are only present when a Protection Unit is combined with the Controller Unit.