Multiple Endpoint Security Linux agents report as one entry in cloud console


Article ID: 224817


Updated On:


Endpoint Security


Multiple SES (Symantec Endpoint Security) Linux agents report only as one entry in cloud console, e.g. you may have installed five agents but only the last one appears in the ICDm console (Integrated Cyber Defense Manager). 

This leads to the illusion that Linux agents are not checking in with cloud or are "disappearing" from the console, as this single entry will show only the name of last agent checked in.


Content of /etc/symantec/caf-shared/cafmachineid is "UNKNOWN" even though the OS returns a valid UUID, i.e. "sudo dmidecode | grep -i uuid"


Symantec is aware of the issue and this article will be updated when new information is available.