After a successful Live Update process the sisamddaemon service is stopped.

Release : Symantec Endpoint Security

Component : Linux agent

sisamd_0.log

<Date/Time>: <info> [NotifyAction::NotifyAntiMalwareCollector]:382 MERR...Antimalware service restart triggered by Live Update

...

<Date/Time>: <info> [AMDAgent::run]:630 Trying to stop AV engine
<Date/Time>: <info> [AMDAgent::run]:634 AV Engine shutdown successful
<Date/Time>: <info> [AMDMain::RunAgent]:314 Shutdown of sisamddaemon completed. Exit Status 69

There is no indication in client logging or system message logs that show an attempt to restart the service.

The issue is related to the RHEL6 init service script for the AMD daemon not getting redirected to use the upstart subsystem properly. Because of this the service was is not able to start after the LU triggered a service restart.

This is fixed in 14.3 RU1.  Please make sure to upgrade to the latest client.  To work around this issue, run  `service sisamdagent start` on RHEL6 systems.