SEP for Mac client does not appear in the Symantec Endpoint Protection Manager (SEPM) after installing with a package exported from the SEPM, and you want to know how to troubleshoot heartbeat communication using a method similar to Sylink debug logging on Windows.
- SEP for Mac client does not appear in the SEPM after installing with package exported from the SEPM.
- Connection Status reads: Disconnected
Note: Since Mac clients can only get content via LiveUpdate, Sylink debug logging can't be used to troubleshoot content delivery, only the connection (heartbeat) to the SEPM.
To enable Sylink debugging on 12.1 RU2 and earlier, continue below. For 12.1 RU4 and later, skip down to the 12.1 RU4 section.
For 12.1 RU2 and earlier:
Within a Terminal window, enter: sudo /Library/StartupItems/SMC/smclient --debuglevel=engineer
Authenticate when prompted. The Terminal window will not echo password input.
Restart smclient. This is not required to change the debug level but it is a good idea on a managed client to force a check-in and retrieve updated policy settings: sudo /Library/StartupItems/SMC/smclient --stop sudo /Library/StartupItems/SMC/smclient --start
Allow it to run for 10-15 minutes, then reverse changes (authenticating again when prompted) by entering: sudo /Library/StartupItems/SMC/smclient --debuglevel=none
When ready to collect logs, see the 'Gathering SEP for Mac logs' section below.
For 12.1 RU4 and later:
Within a Terminal.app window, run the following commands to setu logging levels. Use an 'administrator' account for this. Use of the 'sudo' command may require authentication. Use the current administrator's password.
Set the logging level to the most detailed level - engineer:
For all SEP for Mac versions, run the GatherSymantecInfo tool and email the results to technical support. This report will include the debug log as well as lots of other useful information. The debug log is otherwise located at:
Technical Information There are three levels to set for debugging: none, support, and engineer. The output for engineer resembles Windows Sylink logging, with some extra information about scan policy values. Note for 12.1 RU4 and later, the three debugging levels are input as
is the letter L and not the number one.
Imported Document Id
This is machine translated content
Login to Subscribe
Please login to set up your subscription.
Didn't find the article you were looking for? Try these resources.