After moving DLP agent from prod to dev it is not showing in the console.

book

Article ID: 224638

calendar_today

Updated On:

Products

Data Loss Prevention Endpoint Prevent Data Loss Prevention Endpoint Suite Data Loss Prevention

Issue/Introduction

After moving a batch of Symantec Data Loss Prevention (DLP) agents from our prod to our dev environment 1 agent out of the group does not appear in the console.

And another is showing no agent version with the error in agent alerts of "Agent version is not supported".

However, the services do start, they both have block responses, and are creating incidents.

 

Cause

This error was caused by two different unique issues.

The agent not appearing at all is due to an agent that was recently removed from the console.

It is still in the database with a status of "Is Deleted=1" This means it is ready to be removed from the database, and will no longer show in the UI, but is still in the database waiting to actually be deleted.

Because the agent was returned to the console during this state it was effectively ignored.

 

The second was due to a failure in communications while the initial agent communication was underway.

 

Environment

Release : 15.8, but applicable to any version.

Component :

Resolution

The issue of the agent not showing at all self-corrected after the nightly database purge, and the agent checked again the next day.

For the agent with no version showing "Agent version is not supported", the resolution was to delete the agent from the UI, and wait for it to check back in again the next day.