Collect WSS debug data for SEP clients with SymDiag
search cancel

Collect WSS debug data for SEP clients with SymDiag


Article ID: 250439


Updated On:


Cloud Secure Web Gateway - Cloud SWG Endpoint Protection


How do I collect debug data for issues with SEP clients that route traffic to the Web Security Service (WSS)?

How do I use SymDiag with the WSS service for SEP endpoint clients?


NOTE: SEP 14.3 RU5 (or later) is required to provide advanced debugging information.

The SEP Web and Cloud Access Protection (WCAP) client was formerly known as the Network Traffic Redirection (NTR) client.

Ensure that "Enable Web and Cloud Access Protection" is enabled, otherwise incomplete logs will be collected:


To collect network packet captures and WSS debug logs for SEP clients: 

(1) Download the current version of SymDiag from:

(2) Run SymDiag and click the button: "Collect Data for Support"

(3) Under "Installed products" make sure the following checkboxes are selected: 
- "Endpoint Protection Client"
- "WSS Service"

...and click the "Next" button.

(4) Enable the following debug options...

Under the "Data Type" (section), enable the radio button: 
- "Limited data for Support"

Under the "Debug Logging" (section), enable the checkboxes: 
- "Endpoint Protection Client"
- "WSS Service"

(5) Click the "Advanced" button, and on the "Endpoint Protection Client" tab make sure that "NTR" is selected.

NOTE: These options are NOT selected by default, and you must enable them for data to be gathered when running SEP-NTR.

Reproduce the problem and provide the SymDiag log to support.