Learn about and download SymDiag, the Symantec Diagnostic Tool. SymDiag helps identify common issues and gathers data for support-assisted troubleshooting.
Also available are links to SymDiag FAQs and additional support resources.
The method used to gather logs on a Linux system is dependent upon whether the SEP for Linux client or the SES Linux Agent is being used.
sudo chmod +x ./symdiag.run
Get Agent Info script can be used to collect SES Linux Agent logs. Run the following command from a terminal:
cd /opt/Symantec/sdcssagent/IPS/tools; ./getagentinfo.sh
SymDiag for macOS is not available. Instead, download one of the following:
Additional diagnostic resources are available at Diagnostic .cloud for the following Network Protection products:
The Symantec Diagnostic Tool (SymDiag) is a multi-product, multi-language diagnostic, and security analysis utility. SymDiag is provides self-help support for Symantec product technical issues, zero-day threat analysis, best practice recommendations, and proactive services to customers.
If you require further assistance, SymDiag lowers the level of effort and increases efficiency by automating data gathering and support case submission.
SymDiag supports the following Symantec products:
*SymDiag includes reporting on license status for this product. See About the Licensing Dashboard in SymDiag.
SymDiag runs on the same Windows operating systems that Symantec products that function with SymDiag support.
On Windows 2008 R2 Server Core, run SymDiag with the following command-line switch:
The following x86 and x64 Linux distributions are supported.
|RedHat Enterprise Linux||6.5|
|Novell Open Enterprise Server||11.0|
SymDiag comes with many command-line parameters, and you can remotely deploy SymDiag.
Before contacting Support, you can identify Symantec product issues, licensing status and identify best-practice configurations of your Symantec product. You can also attempt to identify suspicious files and start an investigation into whether they are zero-day threats.
You can run SymDiag on computers to produce self-help solutions, as well as collect data for support cases with Symantec.
You should use SymDiag to gather data on relevant computers for support cases with Symantec. SymDiag lets you deliver that data directly into a new or existing support case.
The Symantec Diagnostic Tool (SymDiag) has been developed by Symantec over many years and has had a number of different names. The following support utilities have been a part of that history and are all now no longer used by support in favor of the improved and inclusive features maintained in SymDiag:
Build 2.1.284 (11/02/2020)
SAD-784 SES information does not show all of the exceptions created in the Exception Policy
SAD-807 The SES Service report shows an incorrect NTR/SEPWSC/ScanService status on Win7
SAD-840 SymDiag exits when trying to collect SES cloud policies when not connected to the cloud
SAD-853 On Linux, Enforce Tns Listener report has result and text issues
SAD-855 Enforce Oracle permission sql errors
SAD-847 SEPM Config Review Technology Summary does not have % symbols in the Percent column
SAD-846 SEPM Config Review has incorrect client count in 2 places of the report
SAD-870 DLP 15.7 MP1 Windows Agent vnwcd service report is a false negative
SAD-878 DLP Agent services vfsmfd and vrtam are flagged as errors when not running, but are demand start
SAD-874 SBE cloud EOL on 11/1
SAD-835 Customer ID is incorrect on WSS Agent page
SAD-837 SES update WTR to NTR in the output
SAD-877 Enforce ListAgentsLegacy sql query errors on 15.7
Build 2.1.282 (9/10/2020)
SAD-444 File upload to a case is not working
SAD-621 Update URL in Protection Overview Report
SAD-615 Integrate WSSA tool and WSS data collection into EPClient collection
SAD-677 WSS not displaying ThreatPulse
SAD-691 Sep 14.3 GA release
SAD-694 Not collecting additional files that should be collected
SAD-571 Even-though IPS is enabled , symdiag shows IPS feature is Inconclusive
SAD-450 Configuration Review String
SAD-620 Sort Security Advisories by client versions in the config review
SAD-255 Application Learning detail report appears in Configuration Review when it is OK
SAD-657 Number of SEP Clients is counting duplicate systems
SAD-707 Update to latest EO.WebBrowser to resolve exception when logging in to case management
SAD-443 Broken KB URL
SAD-708 Update missing kb links
SAD-451 Configuration Review URL update
SAD-645 Exception when collecting Cloud Policies
SAD-439 Update WSS and UnifiedAgent known versions
SAD-676 Viewer report if serial numbers are core or not
SAD-729 Remove Data Insight reports and only collect data
SAD-579 Database is locked message is sometimes displayed when saving the file
SAD-733 SymDiag not detecting DLP 15.7 on Windows
SAD-740 SymDiag can't connect to the reputation server
SAD-668 SEPM Protection Score report has Download Insight is not enabled on -x endpoints
Build 2.1.280 (5/26/2020)
SAD-424 SymDiag Viewer does not show Config Review on BCP VM
SAD-421 SEP 14.3 unexpected installation configuration report error
SAD-417 Red Hat 7.7 OS is listed as not supported
SAD-413 Unknown DriveFormat on Linux
SAD-412 Not collecting OS name on some Linux
SAD-409 Update DLP Version Checking and Remove Reference to 14.x
SAD-406 KB Click 404 Client communications might not be working
SAD-396 RHEL 7.7 not able to get list of services
SAD-373 EO.WebBrowser exceptions when Save Window is displayed
SAD-361 Version Check for Encryption is out of date
SAD-263 [SEP 14.3] Update system requirements report
SAD-249 Collect and display cloud client policies
SAD-5 Update latest version report
SAD-358 Update DLP Config Review links to Broadcom
SAD-357 Config Review report Clients with less than 1.5 GB free disk space is not correct
SAD-353 Update SEP Config Review KB links to Broadcom links
SAD-268 [PO] modify the thresholds for when the IPS and the virus "Definitions out of date" checks fail and display data
SAD-266 [PO] List group names and policies applied
SAD-265 [PO] Emphasize each of the SEP protection technologies for threats and computers
SAD-264 [PO] Top 5 IPS sigs triggered, top 5 machines with IPS events
SAD-233 Present policy version for Cloud managed client
Related terms: symhelp, symhelpexe,symantec help