Scan attempt using REST API calls fails with error SCAN_FAILURE
search cancel

Scan attempt using REST API calls fails with error SCAN_FAILURE

book

Article ID: 368507

calendar_today

Updated On:

Products

Protection Engine for Cloud Services

Issue/Introduction

When attempting to perform a file scan using the swagger-ui.html page, for REST API examples, the attempt fails with result:  SCAN_FAILURE. 

An examination of the Protection Engine server's SPE_REST_API.log showed the error "Unable to communicate with Symantec Protection Engine" was returned when the scan request was relayed to the scanning engine. The following excerpt shows the list of :

Note: The Rest API service was configured for debug logging to generate most of the content. The error is all that would normally be seen.

 

2024-05-22 10:29:43,068 [http-nio-8008-exec-29] DEBUG symantec.spe.sperestapi.FileScanController:80 - scanFile::MultipartFile object:: test.xml
2024-05-22 10:29:43,068 [http-nio-8008-exec-29] DEBUG symantec.spe.business.FileScanManagement:82 - Entering function : FileScanManagement::saveFile().
2024-05-22 10:29:43,068 [http-nio-8008-exec-29] DEBUG symantec.spe.business.FileScanManagement:66 - Entering function : FileScanManagement::getScanLocation().
2024-05-22 10:29:43,068 [http-nio-8008-exec-29] DEBUG symantec.spe.business.FileScanManagement:150 - Entering function: FileScanManagement::createFolderIfNotExists().
2024-05-22 10:29:43,068 [http-nio-8008-exec-29] DEBUG symantec.spe.business.FileScanManagement:166 - Exiting function: FileScanManagement::createFolderIfNotExists().
2024-05-22 10:29:43,069 [http-nio-8008-exec-29] DEBUG symantec.spe.business.FileScanManagement:75 - FileScanManagement::getScanLocation(): created scan location - /opt/SYMCScan/temp/7cb3697d-88de-4711-940b-16826aacd27f
2024-05-22 10:29:43,069 [http-nio-8008-exec-29] DEBUG symantec.spe.business.FileScanManagement:76 - Exiting function : FileScanManagement::getScanLocation().
2024-05-22 10:29:43,069 [http-nio-8008-exec-29] DEBUG symantec.spe.business.FileScanManagement:150 - Entering function: FileScanManagement::createFolderIfNotExists().
2024-05-22 10:29:43,069 [http-nio-8008-exec-29] INFO  symantec.spe.business.FileScanManagement:156 - FileScanManagement::createFolderIfNotExists(): Directory created successfully :/opt/SYMCScan/temp/7cb3697d-88de-4711-940b-16826aacd27f
2024-05-22 10:29:43,069 [http-nio-8008-exec-29] DEBUG symantec.spe.business.FileScanManagement:166 - Exiting function: FileScanManagement::createFolderIfNotExists().
2024-05-22 10:29:43,070 [http-nio-8008-exec-29] DEBUG symantec.spe.business.FileScanManagement:106 - FileScanManagement::saveFile() : Saved file to location - /opt/SYMCScan/temp/7cb3697d-88de-4711-940b-16826aacd27f/test.xml
2024-05-22 10:29:43,070 [http-nio-8008-exec-29] DEBUG symantec.spe.business.FileScanManagement:108 - Exiting function : FileScanManagement::saveFile().
2024-05-22 10:29:43,070 [http-nio-8008-exec-29] DEBUG symantec.spe.business.FileScanManagement:58 - Entering function : FileScanManagement::scanFile().
2024-05-22 10:29:43,070 [http-nio-8008-exec-29] DEBUG symantec.spe.filescanning.SPEScanFile:187 - Entering SPEScanFile::scanFile() function.
2024-05-22 10:29:43,071 [http-nio-8008-exec-29] DEBUG symantec.spe.filescanning.SPEFileModeScan:61 - SPEFileModeScan::scanFile() : Entered.
2024-05-22 10:29:43,071 [http-nio-8008-exec-29] DEBUG symantec.spe.filescanning.SPEFileModeScan:68 - SPEFileModeScan::scanFile(), startTime: 1716388183071
2024-05-22 10:29:43,072 [http-nio-8008-exec-29] DEBUG symantec.spe.filescanning.SPEFileModeScan:70 - SPEFileModeScan::scanFile() - test.xml received for scanning.
2024-05-22 10:29:43,072 [http-nio-8008-exec-29] ERROR symantec.spe.filescanning.SPEFileModeScan:105 - SPEFileModeScan::scanFile(): Failed to scan file: test.xmlException : [Unable to communicate with Symantec Protection Engine.]
2024-05-22 10:29:43,072 [http-nio-8008-exec-29] DEBUG symantec.spe.filescanning.SPEFileModeScan:107 - SPEFileModeScan::scanFile() : Exiting now.

 

The same error is returned when attempting to send a scan request to the SPE server using the test ICAP scanner "ssecls".

Environment

Symantec Protection Engine 9.x

Cause

The BindAddress setting in configuration.xml was set to the SPE server's address. This caused the engine to exclude all scan requests submitted from all addresses including those from the local server. 

 

Resolution

When the BindAddress setting was removed (set to "") the problem resolved.

If the BindAddress setting must be configured then please see the rules for Configuring BindAddress settings.

Powered by Wolken Software