search cancel

Steps to collect core dumps from Linux agent.

book

Article ID: 241757

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

Steps to collect core dumps from Symantec Endpoint Protection (SEP) 14.3 RU1 and above Linux agent.

Environment

SEP 14.3 RU1 and above

Resolution

To collect core, follow below steps

  • Find PID of process
pgrep sisamddaemon 
  • Send SIGILL message to PID
kill -SIGILL <PID>
  • Check /var/log/messages for core dumped status message.

And it should be available in
/opt/Symantec/sdcssagent/AMD/bin/

Also share below folders from the machine after generating dump

/var/log/messages
/var/log/sdcsslog/
/opt/Symantec/sdcssagent/AMD
/etc/sisips/