search cancel

Cynic file submission failed

book

Article ID: 163439

calendar_today

Updated On:

Products

Endpoint Detection and Response Cloud Endpoint Detection and Response Advanced Threat Protection Platform

Issue/Introduction

You are not able to submit the file to Cynic website using Symantec Advanced Threat Protection (ATP) or Symantec Endpoint Detection Response (EDR).

When manually trying to submit the file, there is a successful message but the Action Center shows an error.

You may also see errors regarding persistent connection errors.

 

ATP APP Logs: -

[2016-06-09
12:27:20,471][com.symantec.atp.web.exception.HttpErrorResponseLogger][pool-
11-thread-1][WARN]
Started task to forward telemetry to the telemetry remote:
[2016-06-09
12:27:20,483][com.symantec.atp.web.exception.HttpErrorResponseLogger][pool-
11-thread-1][WARN]
Started task to forward telemetry to the telemetry remote:[2016-06-09
12:27:33,457]

Corresponding logs from service_host_node_host.log:
2016-06-09 11:03:48,664 5893::139931578005248 ERROR dmas_client_generic - curl_easy_perform fail,error code=35 [CurlAgent.cpp:461]

 

Resolution

This issue can be resolved by reinstalling the ATP license to the ATP Manager. See Viewing the license status and updating a license.

OR

Change the Cynic Sandboxing to "Use United Kingdom regional instance only", then un-selecting it. See Changing the geographic location where you submit files for cloud-based sandboxing.

Attachments