Capture Forensic Data Error An unknown error occurred while performing the search request.

search cancel

Capture Forensic Data Error An unknown error occurred while performing the search request.

book

Article ID: 264679

calendar_today

Updated On: 11-29-2023

Products

Endpoint Security Complete

Issue/Introduction

In the SES console under Investigate select an alert, click the 3 dots to the right and select Capture Forensic Data. On the same screen select ENDPOINT at the top left. The Capture Forensic Data errors out.

Environment

14.3+ Symantec Endpoint Security

Cause

Missing the TDAD client on target systems.

Resolution

The Capture Forensic data command requires both the EDR and TDAD clients. Without the TDAD client, the shown error appears. Deploy the TDAD client to systems you wish to implement this feature on.

Feedback

Was this article helpful?

thumb_up Yes

thumb_down No