Endpoint Protection

  • 1.  External Logging to Dump file not creating any output

    Posted May 15, 2020 12:59 PM
    Dear All,

    I have an issue with SEPM 14.X. It is configured to externally dump the log file and is integrated with Splunk. It was working for a long time. Now the log files (.tmp and log) are not getting created in the dump folder. Even all tabs of the SEPM monitor show no information. I logged a P2 case with Broadcom support. The team is asking us to check the configuration against a working server and has no further suggestions. They are not even ready to escalate the case to the next level, and are not doing anything to analyze the logs or do any troubleshooting. The support technician was seeing this type of configuration for the first time and we were explaining how it was working. Can anyone please suggest what to do next? The customer is very upset with this type of support, but there is nowhere to escalate.

    Regards,
    Shibu

    ------------------------------
    Intertec Systems LLC
    ------------------------------


  • 2.  RE: External Logging to Dump file not creating any output

    Broadcom Employee
    Posted May 18, 2020 01:21 PM
    What is the case number?

    ------------------------------
    John Owens
    Principal Product Support
    Symantec
    United States
    ------------------------------



  • 3.  RE: External Logging to Dump file not creating any output

    Posted Jul 05, 2020 11:58 AM
    Hello John,

    I'm sorry. I really missed the message. I was behind the Broadcom team logging different cases since there was no proper support. I'll update the case history.

    The issue was reported by the customer on 07/05/2020 as their Symantec Endpoint Protection Manager (SEPM) Server not dumping the logs in the local folder to be accessible by the SPLUNK solution.

    07/05/2020 - {Case#31905212} ## Medium - P3 - Symantec server security logs not reporting to Splunk. The Broadcom team took a session and started cross-checking the setting with the working setup of another site, and there was no progress. We were told that since it is a P3 case, support will be like this, and they suggested logging a P2/P1 case.

    08/05/2020 - {Case#31908065} ## New P2 case created (P1 was not an option). The new team started asking for the same screenshots and did not perform any troubleshooting or log collection steps to analyze the issue. Repeated requests and follow-ups to transfer the case to the next level were also ignored and dragged out. Suddenly, on a weekend, they closed the case on 02/06/2020.

    04/06/2020 - Customer created a new case - {Case#31951152} ## High - P2 - [ADV - EMEA]Symantec EndPoint Protection Management external Logging not working and Security logs are not generating in the SEPM Server.

    The same routine was repeated with no progress. The request to transfer the case to the next level or the development team was ignored, and the latest update is that the team came up with a workaround asking to input a registry entry in the systems. The customer is not ready to accept this workaround and asked to transfer the case to a team that has knowledge of the product. This correspondence was on the 30th, and there has been no update since.

    The issue is still not sorted out, and nowadays the support team is least bothered even to reply.

    Regards,
    Shibu