Integrated Cyber Defense Exchange collectors for Email Security .cloud halt occasionally


Article ID: 206325


Updated On:


Integrated Cyber Defense Exchange ICDx


You notice that an Integrated Cyber Defense Exchange (ICDx) Email Security .cloud collector stops after running correctly for some time. You are also able to restart the collector successfully without issue.


The collector is stopping due to an unrecoverable request when it receives a 401 response from the Email Security .cloud service API.

Looking in the collector logs, you see an error similar to:

2020-11-21 14:32:13,348 [shutdown] ERROR - Email Module - Terminating application with exit status 1 due to: Unrecoverable failed request: 401
Double-check settings:
    * Start Date/Time: "2020-11-18T10:10:00.000Z"
    * Calculated UTC-based Start Date/Time: "2020-11-18T10:10:00Z"
    * Username: sesc-username
    * Password (not shown)
    * Data Feed: all
      Full Data Feed URL:
    * Read Interval (ms): 30000
    * Idle Interval (ms): 300000
    * Use Proxy: true
2020-11-21 14:32:13,369 [Interrupt signal hook] INFO  lifecycle - The service has stopped


Release : 1.4

Component : sesc_col_dx


Broadcom is investigating this issue. We have had some indication that it may be related to outages from the Email Security .cloud service, such as with Maintenance periods.

It is recommended to Subscribe to the Email Security .cloud service status updates:

If an alert reported, it is possible that the collector will halt, so subscribing to the alerts will provide awareness of when the issue may occur.

This article will be updated when we have more information to provide.