Multiple SES (Symantec Endpoint Security) Linux agents report only as one entry in cloud console, e.g. you may have installed five agents but only the last one appears in the ICDm console (Integrated Cyber Defense Manager).
This leads to the illusion that Linux agents are not checking in with cloud or are "disappearing" from the console, as this single entry will show only the name of last agent checked in.
Content of /etc/symantec/caf-shared/cafmachineid is "UNKNOWN" even though the OS returns a valid UUID (i.e "sudo dmidecode | grep -i uuid" returns a valid UUID)
There will also be "UNKNOWN" values in /opt/Symantec/cafagent/bin/CAFStorage.ini in [agent-details] section, e.g.
This issue has been fixed in SEP 14.3 RU4 (14.3.2417) Linux Agent. Upgrade to that version.