Multiple Endpoint Security Linux agents report as one entry in cloud console

book

Article ID: 224817

calendar_today

Updated On:

Products

Endpoint Security

Issue/Introduction

Multiple SES (Symantec Endpoint Security) Linux agents report only as one entry in cloud console, e.g. you may have installed five agents but only the last one appears in the ICDm console (Integrated Cyber Defense Manager). 

This leads to the illusion that Linux agents are not checking in with cloud or are "disappearing" from the console, as this single entry will show only the name of last agent checked in.

Cause

Content of /etc/symantec/caf-shared/cafmachineid is "UNKNOWN" even though the OS returns a valid UUID, i.e. "sudo dmidecode | grep -i uuid"

Resolution

Symantec is aware of the issue and this article will be updated when new information is available.