Incidents from the DLP Cloud Service are stuck in queue
search cancel

Incidents from the DLP Cloud Service are stuck in queue


Article ID: 254156


Updated On:


Data Loss Prevention Cloud Service for Email Data Loss Prevention Cloud Detection Service Data Loss Prevention Cloud Detection Service for REST Data Loss Prevention Cloud Detection Service for ICAP Data Loss Prevention Data Loss Prevention Cloud Package


You have noticed that incidents from the Cloud Service are not reaching your Enforce Server console, and there is frequently an Incident Queue.

Restarting the DetectionServerController service appears to temporarily address the issue.


Release : 15.8 MP2 or earlier


The SymantecDLPDetectionServerController service on the Enforce Server - aka the MonitorController service - is the service which coordinates data shipping to and from all Detection Servers, including Cloud Detectors.

Although it's possible to improve performance by increasing memory allocated to the service, there are also some known issues affecting the Enforce Server services, in versions prior to 15.8 MP3.


Apply 15.8 MP3 to obtain specific fixes described below.


The first fix is most significant as it corrects an issue with connectivity to the Cloud Service:

CRE-10171 -- The DetectionServerControllerService service sometimes lost the
connection to the Cloud Service Gateway during a local Oracle
database outage and then failed to reconnect later. You had to
restart the DetectionServerControllerService to reestablish the

Second fix:
CRE-10054 -- Failed database connections used by the Enforce Manager,
Incident Persister, and DetectionServerController services were
not removed from the database connection pool which resulted in
connection pool exhaustion and service outages until the affected
services were restarted.

Third fix:
CRE-10105 -- Applied a fix for the Oracle ojdbc7.jar driver issue
20960881 that caused a
Checksum fail exception which affected several key services.

The above details are given on p. 6-7 of the release notes:

Symantec_DLP_15.8_MP3_Release_Notes.pdf (

Additional Information

DLP version 15.8 is supported until August of 2024, as per this updated advisory: End of Service dates for Symantec Data Loss Prevention.

Broadcom Technical Support strongly recommends applying this patch to 15.8 as soon as possible.