Sisips-init shows failure:
root@vsyslog:/usr/lib/symantec # systemctl status sisips-init
● sisips-init.service - Symantec Agent for Linux IPS driver
Loaded: loaded (/etc/systemd/system/sisips-init.service; enabled; vendor preset: disabled)
Active: failed (Result: exit-code) since Mon 2023-01-30 13:56:17 CET; 1min 31s ago
Process: 858 ExecStart=/etc/init.d/sisips.init start (code=exited, status=1/FAILURE)
Main PID: 858 (code=exited, status=1/FAILURE)
Jan 30 13:56:17 vsyslog systemd[1]: sisips-init.service: Main process exited, code=exited, status=1/FAILURE
Jan 30 13:56:17 vsyslog systemd[1]: sisips-init.service: Failed with result 'exit-code'.
Jan 30 13:56:17 vsyslog systemd[1]: Failed to start Symantec Agent for Linux IPS driver.
But status.sh command displays all daemons as running and all modules as loaded:
Symantec Agent for Linux
Symantec Endpoint Protection (SEPM) 14.3.3075.5000
Daemon status:
cafagent running
sisamdagent running
sisidsagent running
sisipsagent running
Module status:
sisevt loaded
sisap loaded
Sisips-init.service is not a service that runs all the time. If you start the service manually and check it with systemctl status, it will be:
"Active: failed"
This is expected behavior and does not indicate issues with SEP agent.
Execute /usr/lib/symantec/status.sh (or view agent_status file in the logs) to check the status of each Daemon and Module, and confirm that it is running and loaded normally.