Finding the URL that triggers Web.Reputation.1 during Protection Engine file scans
book
Article ID: 396933
calendar_today
Updated On:
Products
Protection Engine for NASProtection Engine for Cloud Services
Issue/Introduction
How to identify the URL(s) that trigger a Web.Reputation.1 detection when scanning files with Symantec Protection Engine (SPE).
Environment
SPE 9.2.1 and older
Cause
SPE versions 9.2.1 and older do not include functionality to show the URL(s) that triggered a Web.Reputation.1 detection.
Resolution
As of SPE 9.3 the SSE########.log file includes the URL(s) that triggered a Web.Reputation.1 detection. Broadcom support recommends customers upgrade to SPE version 9.3 or newer to enable this functionality.
If you are on SPE 9.2.1 and can not upgrade to SPE 9.3 or newer, please use the steps listed below.
Ensure that SPE 9.2.1 is installed **REQUIRED**
Download the file HF_9_2_1.zip attached to this KB
Upload HF_9_2_1.zip to the SPE and unzip the file
Stop the SPE services using the following command: