Symantec Endpoint Protection Manager not showing updated client's information.
search cancel

Symantec Endpoint Protection Manager not showing updated client's information.

book

Article ID: 236221

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

You noticed that the clients are updated with the latest definitions, however the SEPM is not showing the updated information in the SEPM\Clients Tab.

exsecars.log shows below error.
02/10 10:24:02 [7576:12020] Force to update the USN for agent id: 769EEE8486921EF446063F8E7C2B892D 
02/10 10:24:18 [7576:12020] Open File failed! File: 'E:\APPS\Symantec\Symantec Endpoint Protection Manager\data\inbox\agentinfo\75238adb-eedf-4165-9168-9f39e9cc2ebe.tmp' ÉÂ02/10 10:24:18 [7576:12020] ProcessAgentInfo error--Write File Error.!
02/10 10:25:46 [7576:12020] Open File failed! File: 'E:\APPS\Symantec\Symantec Endpoint Protection Manager\data\inbox\agentinfo\51b90408-6c68-4fb1-bdc9-23ecf2b0f23c.tmp' ÉÂ02/10 10:25:46 [7576:12020] ProcessAgentInfo error--Write File Error.!

Cause

  • The SEPM is unable to process the clients data due to the Permission Issue :  ProcessAgentInfo error--Write File Error.!
  • E:\APPS\Symantec\Symantec Endpoint Protection Manager\data\inbox\agentinfo\ - Found 12458 *.dat file that are not processed by SEPM due to permission Issue 
  • The Procmon shows 'E:\APPS\Symantec\Symantec Endpoint Protection Manager\data\inbox\agentinfo' directory is corrupt:
  • There are other files also on E: which are affected. Other logs incoming rate are very less so might not be issue.
  • Ntfs is also logging error about volume E:
    2/20/2022 2:17:15 AM System Error Ntfs AMSDC1-V-54510.ShellECZ.com NT AUTHORITY\SYSTEM 55 *"A corruption was discovered in the file system structure on volume E:
    The Master File Table (MFT) contains a corrupted file record.  The file reference number is 0x900000000000ae.  The name of the file is ""\APPS\Symantec\Symantec Endpoint Protection Manager\data\backup.oldd\2020-Dec-14_03-00-06.zip""."
    2/19/2022 2:58:22 AM System Error Ntfs AMSDC1-V-54510.ShellECZ.com NT AUTHORITY\SYSTEM 55 "A corruption was discovered in the file system structure on volume E:.
    The Master File Table (MFT) contains a corrupted file record.  The file reference number is 0x17b000000000102.  The name of the file is ""\APPS\Symantec\Symantec Endpoint Protection Manager\tomcat\bin\semapisrv.log""."

Resolution

Fix the disk Issue Or, move the SEPM to C:\ using disaster recovery process.

Disaster recovery best practices for Endpoint Protection
https://techdocs.broadcom.com/us/en/symantec-security-software/endpoint-security-and-management/endpoint-protection/all/Managing-management-servers-sites-and-databases/disaster-recovery-best-practices-for-endpoint-prot-v18588940-d15e2803.html

Powered by Wolken Software