You install the current Linux client and it says:
Agent installed successfully
Starting Agent..
Symantec Agent for Linux
Symantec Endpoint Protection (SEPM) <version>
Daemon status:
cafagent running
sisamdagent running
sisidsagent running
sisipsagent running
Module status:
sisevt not loaded
sisap not loaded
Error: suse kernel version <version>-default (<version>-default) is not supported
According to Supported kernels of Symantec Linux Agent (broadcom.com) the kernel should be supported.
Another potential indication of this issue seen in RHEL OS with Secure boot enabled, and both Modules are enrolled properly is below error message inside sisap_init logs:
insmod: ERROR: could not insert module /etc/symantec/sis/driver/<kernel version>/sisap-x86_64-default.ko.xz: Unknown symbol in module
kernel.kptr_restrict of 2 restricts exposed kernel pointer addresses access and prevents sisevt and sisap from loading properly.
Run: sudo sysctl kernel.kptr_restrict
If kernel.kptr_restrict is 2 ** Perform below steps
sudo vim /etc/sysctl.conf
Press insert and add one of the below entries
For no restriction:
kernel.kptr_restrict=0
For STIG rule ID SV-234861r622137_rule:
kernel.kptr_restrict=1
Save (Esc - wq!)
Run Command
sysctl -p /etc/sysctl.conf
Reboot the machine after above steps and run /usr/lib/symantec/status.sh to check modules are running or not.