Steps to collect core dumps from Linux agent.
Article ID: 241757
Updated On:
Products
Endpoint Protection
Issue/Introduction
Steps to collect core dumps from Symantec Endpoint Protection (SEP) 14.3 RU1 and above Linux agent.
Environment
SEP 14.3 RU1 and above
Resolution
To collect core, follow below steps
- Find PID of process
pgrep sisamddaemon
- Send SIGILL message to PID
kill -SIGILL <PID>
- Check /var/log/messages for core dumped status message.
And it should be available in
/opt/Symantec/sdcssagent/AMD/bin/
Also share below folders from the machine after generating dump
/var/log/messages
/var/log/sdcsslog/
/opt/Symantec/sdcssagent/AMD
/etc/sisips/
Feedback
Yes
No
Powered by
