EDR shows a critical error: SEPM unavailable
search cancel

EDR shows a critical error: SEPM unavailable

book

Article ID: 272554

calendar_today

Updated On:

Products

Endpoint Detection and Response

Issue/Introduction

The Symantec Endpoint Detection and Response (SEDR) shows a critical error:

SEPM unavailable; confirm that your SEPM is online and accessible from the Symantec EDR management network.

Additionally the Status column under Settings > Global > Endpoint Communication Channel, SEP Policies, and Endpoint Activity Recorder shows a "connection error".

 

Environment

Release : 4.8.0-476

Cause

The password for the SEPM server was incorrect or possibly corrupted.

Resolution

  1.  Verify that the SEDR is able to communicate with the SEPM using the following commands:
    tcp_check -t <SEPM address> -p 443
tcp_check -t <SEPM address> -p 8446
  2. If either of the above commands fail then there is a network connectivity issue that needs to be resolved before proceeding
  3. Open the SEDR GUI
  4. Navigate to Settings > Global > Endpoint Communication Channel, SEP Policies, and Endpoint Activity Recorder
  5. Select the three ellipses (dots) next to the SEPM
  6. Select "SEPM Controller Connection"
  7. Verify the account name was correct
  8. Re-enter the password
  9. Click "Save"

This error and other troubleshooting tips are referenced in the "Symantec EDR system messages and recommended actions" technical document.

 

Powered by Wolken Software