You see errors similar to the following in the Integrated Cyber Defense Exchange (ICDx) DLP connector logs:
Database query Discover Incidents: 3 failed. ORA-04063: view "INCIDENT_ACCESS.DISCOVER_CONDITION_VIOLATIONS" has errors
DLP DB Sensor - read sensor failed. {}
DLP DB Sensor - Terminating application with exit status 1 due to: Error in module DLP DB Sensor due to java.lang.Error: com.symantec.cas.ucf.sensors.ReadDeviceException: Database configuration error, caused by com.symantec.cas.ucf.sensors.ReadDeviceException: Database configuration error, caused by java.sql.SQLException: ORA-04063: view "INCIDENT_ACCESS.ENDPOINT_CONDITION_VIOLATIONS" has errors , caused by oracle.jdbc.OracleDatabaseException: ORA-04063: view "INCIDENT_ACCESS.ENDPOINT_CONDITION_VIOLATIONS" has errors
Release : 1.4.1
Component : sdlp_col_dx
The Views tables have become corrupted.
To fix the Views tables run the Views setup script again. From the Views installation instructions from the Administration manual (Installing the Views Package on the Symantec Data Loss Prevention Database):
$SYMC_HOME/sdlp_col_dx-<version>/views
directory.$SYMC_HOME/sdlp_col_dx-<version>/views/README.txt
to install the database views that are required by ICDx.The pertinent part of the README.txt is:
4.2. At the SQL prompt, run the setup.sql script:
SQL> @setup.sql
The script prompts you for the following information (the default values are
shown in the square brackets):
a. Please enter sid:
b. Please enter username for the Enforce schema:
c. Please enter password for the Enforce schema:
d. Please enter username for the Incident Access schema[icdx_user]:
e. Please enter password for the Incident Access schema:
Once the Views setup script is run, the database Views tables will be rebuilt. This will not affect any of the data that is collected or otherwise used by DLP.