Download SymDiag to detect product issues
search cancel

Download SymDiag to detect product issues


Article ID: 155115


Updated On:


Advanced Threat Protection Platform Data Center Security Server Data Insight for DLP Data Loss Prevention Endpoint Encryption Endpoint Protection Endpoint Protection Small Business Edition (Cloud) Endpoint Protection Cloud Information Centric Tagging Protection Engine for NAS Protection Engine for Cloud Services Cloud Secure Web Gateway - Cloud SWG VIP Authentication Hub Generic Non Product Support Portal Global Customer Assistance


Download and learn about SymDiag the Symantec Diagnostic Tool which identifies common issues and gathers data / logs for support-assisted troubleshooting.


Versions of SymDiag prior to 2.1.320 are unable to update themselves.
Once you have downloaded v2.1.320 or newer, the update capability will be restored.


Download SymDiag

SymDiag for Windows v3 Beta

The SymDiag for Windows v3 Beta is available for testing.

SymDiag for Windows (2.1.320.11285)

  1. Download SymDiag for Windows.
    Save the file to the Windows desktop.
  2. On the Windows desktop, double-click the SymDiag.exe icon.
  3. Follow the on-screen instructions or consult the Table of Contents below to find further instructions for using SymDiag depending on what you want to accomplish with SymDiag

SymDiag for Linux (2.1.11285)

The method used to gather logs on a Linux system is dependent upon whether the SEP for Linux client  or the SES Linux Agent is being used.  

SEP for Linux (On-prem install)

  1. Download SymDiag for Linux.
    Right-click this link and choose "Save Target As" or "Save Link As".
  2. Save to a directory on the computer.
  3. Mark the file as executable to run as superuser.

    sudo chmod +x ./
    sudo ./
  4. Follow the on-screen instructions.

SES Linux Agent (cloud managed)

Use the Get Agent Info script to collect SES Linux Agent logs.

Run the following command from a terminal:

cd /opt/Symantec/sdcssagent/IPS/tools; ./

SymDiag for macOS

SymDiag for macOS is not available. Instead, download one of the following:

  1. Download for issues with WSS Agent or Unified Agent
  2. Download GatherSymantecInfo for issues with other Symantec products

Diagnostic .cloud for Edge Secure Web Gateway (formerly ProxySG)

Additional diagnostic resources are available at Diagnostic .cloud for the following Network Protection products:

  • Edge Secure Web Gateway (formerly ProxySG)

SymDiag Viewer for Windows (2.1.320.11285)

  1. Download SymDiag Viewer for Windows.
    Save the file to the Windows desktop.
  2. On the Windows desktop, double-click the SymDiagViewer.msi icon.
  3. Follow the on-screen instructions to install the SymDiag Viewer
  4. Double click on any *.sdbz file and the file will be opened in the SymDiag Viewer

File Legend

The following table lists all files in the Attachments section at the bottom of this page, including the ones listed above.

Product File

Version File


SymDiagViewer.msi SymDiagViewerVer.txt v2 SymDiag Viewer SymHelpLinux_SymcRCVer.txt v2 SymDiag for Linux
SymDiag.exe SymcSTVer.txt v2 SymDiag for Windows
sdupdate.dat   v2 database update file
SymDiagViewer3.msi SymDiagViewer3.json v3 SymDiag Viewer
SymDiagWin.exe SymDiagWin.json v3 SymDiag for Windows SymDiagLinux.json v3 SymDiag for Linux (coming shortly)
SymDiagUpdate.dll SymDiagUpdate.json v3 SymDiag update file (coming shortly)


About SymDiag

The Symantec Diagnostic Tool (SymDiag) is a multi-product, multi-language diagnostic, and security analysis utility. SymDiag provides self-help support for Symantec product technical issues, zero-day threat analysis, best practice recommendations, and proactive services to customers.

If you require further assistance, SymDiag lowers the level of effort and increases efficiency by automating data gathering and support case submission.

Supported products

SymDiag supports the following Symantec products:

  • Advanced Threat Protection (Linux)
  • Auth Connector
  • Authentication and Authorization Agent
  • Data Center Security Agent
  • Data Insight
  • Data Loss Prevention 11.0 and later
  • Encryption Powered by PGP
  • Endpoint Encryption
  • Endpoint Protection 11.0 and later*
  • Endpoint Protection Small Business Edition (.Cloud)
  • Endpoint Protection Cloud
  • Enterprise Agent
  • Information Center Analytics
  • Information Centric Tagging
  • Mail Security for Microsoft Exchange 6.5.2 and later*
  • Management Platform
  • Optical Character Recognition
  • Protection Engine
  • Unified Agent/Web Security Service Agent
  • VIP Access
  • Web Cloud Protection
  • Web Gateway
  • Web Security Service

*SymDiag includes reporting on license status for this product. See About the Licensing Dashboard in SymDiag.

Supported operating systems


SymDiag runs on the same Windows operating systems that Symantec products that function with SymDiag support.

On Windows 2008 R2 Server Core, run SymDiag with the following command-line switch:



The following x86 and x64 Linux distributions are supported.

Distribution Minimum Version
RedHat Enterprise Linux 6.5
CentOS 6.5
Fedora 16
Oracle Linux 6.5
Debian 6.0.5
Ubuntu 11.10
SUSE 11.0
Novell Open Enterprise Server 11.0


Command-line and remote deployment

SymDiag comes with many command-line parameters, and you can remotely deploy SymDiag.

Self-help reporting

Before contacting Support, you can identify Symantec product issues, licensing status and identify best-practice configurations of your Symantec product. You can also attempt to identify suspicious files and start an investigation into whether they are zero-day threats.

Proactive Services - Best Practice Reporting

Threat Analysis Scan

Licensing Dashboard

Data collection for Support

You can run SymDiag on computers to produce self-help solutions, as well as collect data for support cases with Symantec.

Debug Logging

Delivering data to Support

Use SymDiag to gather data on relevant computers for support cases with Symantec. SymDiag lets you deliver that data directly into a new or existing support case.

Windows Root Certificate Requirement

SymDiag requires a root certificate to be auto installed by the Windows OS and that the OS supports SHA-2 code signing certificates.

If these requirements are not met, SymDiag will display an error message of "Failed to launch Symantec Diagnostic Tool".

This issue can be resolved by following the steps in the article Failed to launch Symantec Diagnostic Tool.

Release Notes

Build 2.1.320.11285 (10/31/2023)

Key Component/s OS Summary
SUPOPS-880 SymDiag, Viewer All Unable to update to newer versions
SUPOPS-882 SymDiag Windows Remove uploading to a Wolken case
SUPOPS-869 Viewer Windows Change Viewer Menu location
SUPOPS-726 SEP, SEPM Windows Update version checking for 14.3 RU7 and RU8
SUPOPS-810 PE Windows Unable to detect PE if symcscan service ImagePath has -debug
SUPOPS-883 DLP Windows Database is locked error is logged after testing DLP Enforce password
SUPOPS-735 DLP Windows Incorrect version of DLP detected after upgrade


Build 2.1.318.11278 (06/14/2023)

Key Component/s OS Summary
SUPOPS-423 SED Windows Collect the encryption status of PGP
SUPOPS-422 SEE Windows Collect the encryption status of SEE
SUPOPS-661 SEP Windows Add additional logging details to the error "Unable to validate ccSettings database"
SUPOPS-700 SEP Windows Add Edge Browser Extension related info
SUPOPS-725 SEP Windows Add SETTDAD-TRAPS wpp provider with a default of disabled
SUPOPS-664 SEPM Config Review Windows Protection Overview has sections that only show 52 rows.  Display the full data in the Viewer.
SUPOPS-636 SymDiag Windows Capture native/wow64 registry key and values from ...\Windows NT\CurrentVersion\AeDebug


Build 2.1.316.11253 (01/30/2023)

Key Component/s OS Summary
SUPOPS-632 DLP Windows Unable to parse DLP version from path that has a number in a sub directory
SUPOPS-627 DLP Windows Capture the Data Loss Prevention registry key and values
SUPOPS-580 DLP Linux Update for DLP 16 Linux release
SUPOPS-607 DLP, Viewer Windows Update Symantec articles in section 6.3.10 JAVA Memory Settings to a newer kb
SUPOPS-603 DLP, Viewer Windows Old Oracle server information
SUPOPS-604 DLP, Viewer Windows Remove Processor Speed findings for Enforce and Detection servers
SUPOPS-606 SEP Windows Update url responses for report checking if SEP Symantec servers are working.
SUPOPS-605 SEP Windows Remove 'Symantec Endpoint Protection (Small Business Edition)' entries from Search Kbs and Product landing sites
SUPOPS-585 SEPM Windows SEPM report for configured ports is incorrect for custom port
SUPOPS-619 SMSMSE Windows Exchange build numbers of 15.x are  not mapped to correct Exchange versions
SUPOPS-608 SymDiag Windows Command line option debuglog filepath does not create log file in filepath
SUPOPS-631 SymDiag Windows Collect all reg values from Windows NT\CurrentVersion 
SUPOPS-628 SymDiag Windows Pickup the latest etl2pcapng
SUPOPS-609 SymDiag Windows Null exception in SelectProductVM.CheckMatchingProducts
SUPOPS-630 SymDiag Windows Collect HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders

Build 2.1.314.11248 (11/11/2022)

Key Component/s OS Summary
SUPOPS-601 DLP Windows Update System requirements for supported OSes
SUPOPS-602 DLP Windows Update versions for 16
SUPOPS-597 SEP, SEPM Windows Update for 14.3 RU6 release
SUPOPS-598 SEP, SEPM Windows Update System Requirements for newer versions of Windows
SUPOPS-299 SEP, WSS Windows Collect "verbose" data for NTR by default
SUPOPS-584 SEP, WSS Windows NTR trace logs not included if it is disabled
SUPOPS-595 SEP, WSS Windows When Ntr runs collection of ipconfig and nslookup, the command does not exist
SUPOPS-590 SEP, WSS Windows Report RHC_ProtectionStatus is not run when NTR is enabled
SUPOPS-589 SEP, WSS Windows BNS Connection is not collected when NTR is enabled
SUPOPS-600 SEP, WSS Windows If NTR is installed and disabled, exception when checking pac file integrity is logged
SUPOPS-591 SEP, WSS Windows WssLatency is not collected when NTR is enabled
SUPOPS-599 SEP, WSS Windows If NTR is installed and disabled, exception getting NTR latency is logged
SUPOPS-593 SEP, WSS Windows Change Latency results from a text file to a DbVar and display in view ...\Other Data\Latency
SUPOPS-588 SEPM Config Review Windows Add Windows Vista to Config Review's Legacy Windows report
SUPOPS-499 SymDiag Linux Collect Linux commands into a table for setting up SUDO permissions

Build 2.1.312.11245 (10/04/2022)

Key Component/s OS Summary
SUPOPS-583 SEP Windows Scan hangs if xml value is not found when running GetPolicyClientControlMode
SUPOPS-514 SEP Windows WPP logging fails to initialize due to existing file
SUPOPS-507 SEP Windows Display Final GEH exceptions from ccSettings as a list
SUPOPS-570 SEP Windows Collect SEPInstallTraceSession.etl for SEP Windows
SUPOPS-579 SEP Windows Cloud Client warns that feature is in mixed mode
SUPOPS-578 SEP Windows Exception in WtrInformation when accessing database in background thread
SUPOPS-582 SEP,SEPM Windows Update version for Sep 14.3 RU5 (Refresh 2) release
SUPOPS-365 SEPM Windows SEPM Top 5 intrusion query errors with an arithmetic overflow error converting expression to data type int
SUPOPS-553 SMSMSE Windows Collect permissions for folders and registry
SUPOPS-552 SMSMSE Windows Update for SMSE 7.09 and 7.10
SUPOPS-565 SMSMSE Windows Add SMSMSE Quar Admins to Console Permission report checks
SUPOPS-566 SMSMSE Windows .Net v4.8 is reported as an error for SMSMSE requirements report
SUPOPS-540 SPE Windows Add CSAPI logging to SPE Windows
SUPOPS-535 SPE Windows Add WPP logging to SPE Windows
SUPOPS-554 SymDiag Windows Exception in Symantec.Diag.Ui.Net3.AppUi3..cctor
SUPOPS-557 SymDiag Windows If SymDiag is running in silent mode and it is not able to verify the certificates, a UI error is displayed
SUPOPS-555 SymDiag Windows Update copyrights
SUPOPS-574 SymDiag Windows Exception when parsing SID names

Build 2.1.310.11238 (08/11/2022) 

Key Component/s OS Summary
SUPOPS-538 SEP Windows Exception if Cloud Server connection, but no cloud policies
SUPOPS-533 SEP Windows SEP 14.3 RU5 Cloud API to get policies fails
SUPOPS-551 SEP Windows SymDiag does not collect debug and wpp logs when using the -s -enable command line options
SUPOPS-530 SEP, SEPM Windows Add 14.3 RU5 refresh as new version for SEP
SUPOPS-503 SEPM Windows Error converting data type nvarchar to numeric when collecting information about a sep client
SUPOPS-527 SPE Windows Update SPE OS requirements for System Requirements report
SUPOPS-542 SPE Windows Collect Stargate logs for v8.2
SUPOPS-543 SPE Windows For service report, remove symcmicrodefsmgr if 8.2 or greater
SUPOPS-544 SPE Windows Remove 7.8 from install requirement strings
SUPOPS-545 SPE Windows Remove excess spaces from PE's file version
SUPOPS-546 SPE Windows Collect Common Agent Framework files
SUPOPS-528 SPE Windows Update SPE supported versions for latest version report
SUPOPS-532 SymDiag Windows Collect Internet Settings from the registry
SUPOPS-550 WSS Windows The WSS SSL Root Certificate report incorrectly reports that the certificate is not installed if more than 1 certificate is installed

Build 2.1.308.11236 (06/21/2022) 

Key Component/s OS Summary
SUPOPS-530 SEP, SEPM Windows Add 14.3 RU5 as new version for SEP.  NOTE: 2.1.308 is required for full support of SEP 14.3 RU5.  Earlier versions may not collect all SEP data, have report errors and not enable SEP debugging.

Build 2.1.308.11235 (06/07/2022) 

Key Component/s OS Summary
SUPOPS-153 DLP Windows DLP Agent enable / disable FINEST logging
SUPOPS-484 DLP Windows Add etw guids for vrtam.sys and vnwcd.sys
SUPOPS-520 DLP, Viewer Windows Update Enforce Oracle Server version information in config review
SUPOPS-510 SED Windows Latest versions of Endpoint Encryption and Encryption Desktop
SUPOPS-525 SEE Windows Win Server 2019 is reported as not supported for see
SUPOPS-524 SEE Windows Endpoint Encryption Management Server reports CLRtypes not installed when they are.
SUPOPS-470 SEP Windows Collect additional hardening files for RU4
SUPOPS-513 SEP Windows Unexpected installation report error
SUPOPS-526 SEP Windows SymDiag exits while running ScCloudPolicyVersions script command
SUPOPS-495 SEP Windows Change how SEP Information Features are displayed.  Now shown as Features and as Protections
SUPOPS-489 SEP Windows Parse SEP 14.3 RU4 Application Hardening log (AsrMan.log)
SUPOPS-488 SEPM Windows Proactive and Config Review report an error when checking on the latest version
SUPOPS-494 SymDiag Windows MSI Applications missing apps that are only in Uninstall key
SUPOPS-485 SymDiag Windows When Sql Server is not installed, try to collect install log files
SUPOPS-511 SymDiag Windows Update 3rd party software
SUPOPS-506 WSS Windows WSS Pac file is not downloaded

Build 2.1.306.11230 (02/07/2022) 

Issue key Component OS Summary
SUPOPS-478 DLP Windows Update DLP Version
SUPOPS-173 DLP Windows Collect Debug Output Strings for DLP
SUPOPS-447 DLP Windows Unable to identify Enforce version when installed to a custom directory
SUPOPS-459 SED Windows SED 10.5 MP3 released
SUPOPS-479 SEE Windows Update SEE version
SUPOPS-458 SEP Windows Could not find a part of the path after saving the SBDZ
SUPOPS-464 SEP Windows SymDiag can crash if try to delete an invalid Common Client value
SUPOPS-476 SEP, SEPM Windows Update EP 14.3 RU4 version
SUPOPS-480 SMSMSE Windows Update SMSMSE Version
SUPOPS-477 SymDiag Windows Update Sql Server Versions

Build 2.1.304.11227 (01/27/2022) 

Issue key Component OS Summary
SUPOPS-468 Viewer Windows EO WebBrowser license error when using public decrypt server
SUPOPS-475 SymDiag, Viewer Windows Not able to connect with reputation server


Related terms: symhelp, symhelpexe,symantec help