search cancel

How to tell for sure if a Protection Engine Server has received a policy from the cloud console settings

book

Article ID: 258223

calendar_today

Updated On:

Products

Protection Engine for NAS

Issue/Introduction

How to tell for sure if a Protection Engine Server has received a policy from the cloud console settings and if it is the correct policy.

 

Environment

Release : 8.2.2

Cause

Question often asked

Resolution

One of the primary ways to tell if a computer managed by the cloud console has received a policy is to do the following:

1. Open the cafagent.log maintained by any SPE server enrolled in the cloud.

Windows: C:\Program Files\Symantec\Common Agent Framework\Log\cafagent.log

Linux:  /var/log/sdcss-caflog/cafagent.log

 

2. Search for the entry "applied_policy_id".   Next to the applied_policy_id entry will be a numeric value:  Example:  "applied_policy_id":"31730"

3. Open the Cloud Console and select the "Policies" list. Within it will be the list of all policies:

4. Usually you know what policy is assigned to the group to which the Scanner is a member. To make sure the Scanner has the right policy, click on the policy you think it should be assigned to.

5. At the top of the console will be the policy ID assigned to each policy. If the ID matches the numeric value from step 2 then the policy assignment is confirmed.

Example: https://scwp.securitycloud.symantec.com/webportal/#/cloud/spe-policy/view?policyId=31730

 

Attachments