Error is thrown when adding a specific Endpoint Agent to the list of Target Endpoints in an Endpoint Discover Scan
search cancel

Error is thrown when adding a specific Endpoint Agent to the list of Target Endpoints in an Endpoint Discover Scan

book

Article ID: 278311

calendar_today

Updated On:

Products

Data Loss Prevention Endpoint Discover Data Loss Prevention Enforce

Issue/Introduction

When adding a specific device, or devices, to the Target Endpoints, in the Targeting tab, in the Endpoint Discover Scan configuration you get an error. The error appears when the Save button is used.

At first the agents are added successfully to the list as visible on the screenshot below. Newly added agents are marked with a blue star.

When the Save button is clicked the Console throws an error.

After accessing the same Endpoint Discover Scan configuration all new Agents added in this batch will be gone. 

Environment

DLP 15.8 or higher

Cause

One or more of the selected agents may not have provided a Version to the Enforce Console. It will cause the save job to fail. 

In the tomcat logs you should be able to find the lines as visible below. The tomcat log by default is located in the %PROGRAMDATA%\Symantec\DataLossPrevention\EnforceServer\<DLP Version>\logs\tomcat. New logs are created daily and will be named localhost.<date>. log. Open the one with the date of occurrence.

24 Jan 2024 01:20:59,657- Thread: 116 SEVERE [com.vontu.manager] [/SaveScanAssignment] Unexpected error occurred while processing action
24 Jan 2024 01:20:59,657- Thread: 116 SEVERE [com.vontu.manager] [/SaveScanAssignment] 
Cause:
java.lang.NullPointerExceptionjava.lang.NullPointerException
    at com.vontu.util.software.Version.parseVersion(Version.java:60)
    at com.vontu.util.software.Version.<init>(Version.java:49)
    at com.vontu.manager.admin.endpoint.resolution.AgentResolutionService.isAgentVersionSupported(AgentResolutionService.java:97)

This error indicates an empty (null) value in on of the Agent versions. However it does not indicate which Agent exactly is the problem.

Resolution

To resolve the issue it will be necessary to avoid adding the Agent with the version missing. To locate the problematic agent follow the steps below:

1. Navigate to System -> Agents - Overview

2. In the bottom section of the screen click on "View Summary Reports".

3. On the new Window expand Advanced and click "Add filter".

4. From the drop down menu select "Agent Version", then "Does Not Contain Ignore Case", and into the entry field enter "1" and click on Apply.

5. The result will be a list of agents with an empty version number.

Skip this agent/those agents when adding Endpoint to the targeted device/s in your Endpoint Discover Scan and the save should be successful.

Additional Information

The missing version, or other details, of the agents need to be investigated separately. Most likely the cause is issues with agent connectivity. Please refer to the below articles for guidance in troubleshooting those:

Troubleshoot Agents not reporting into the Enforce Console (broadcom.com)

DLP Agent Connectivity Troubleshooting (broadcom.com)

Powered by Wolken Software