Endpoint Protection Manager sends "File Reputation Lookup Alert" error notification
search cancel

Endpoint Protection Manager sends "File Reputation Lookup Alert" error notification


Article ID: 215124


Updated On:


Endpoint Protection


The Symantec Endpoint Protection Manager (SEPM) is emailing the "File reputation lookup alert" concerning some endpoints.

Sample email: 


 Message from:     Server name: servername     Server IP: x.x.x.x     Administrator Email: [email protected] 

Message from: 
    Server name: servername
    Server IP: x.x.x.x 
    Administrator Email: [email protected] 
    Company Name: Broadcom

4 computer reported file reputation lookup issues. 

 Symantec Endpoint Protection  
File Reputation Detection Triggering Notification on 05/13/2021 03:03:32  

Updated since 05/12/2021 03:03:00     

Current User
IP Address  Domain Name 
 Server Name 
 Group Name  Product Version  File Reputation Detection   Event Time  
 x.x.x.x   Default 
 My Company\Servers\  14.3.1148.0100  Reputation check for unproven files failed because of network errors for the last 3 days.  05/13/2021 01:35:01 



We check many files a day on every endpoint, and rare, occasional failures is not uncommon. It can be a timeout of the submission, where the server doesn't respond in a timely manner, or the client might have little bandwidth at the time of submission.


File Reputation looks alert is one of the preconfigured notifications.

- You should be able to disable notifications in the SEPM by unchecking "Log the notification" option.

- If the emails are bothersome, it can disabled by unchecking the "Send email to system administrators" option.

Navigate to SEPM --> Monitor --> Notifications --> Notifications Conditions