In order to help troubleshoot an issue with Symantec Mobile Security 7.2 (SMS 7.2), Symantec Technical Support are requesting diagnostic materials. How can these be gathered?
Symantec Mobile Security 7.2 is a complex product with components in several different locations. Technical Support Engineers (TSEs) will often require specific materials in order to gain a complete picture of the servers, environment, devices and policies involved. Below are details on some of the items they may request, and steps on how to collect them.
Symantec Endpoint Protection Support Tool
The SEP Support Tool is a handy diagnostic tool that will collect information about the Windows server upon which the Symantec Management Platform (SMP) is running. The details within will provide the TSE with information about the version of OS and software that runs on it, network addresses, connections, free disk space and so on. An illustrated article on how to run the Symantec Endpoint Protection Support Tool can be found in the following Connect forum article:
SEP Support Tool
Note that this tool will run on any Windows computer; SEP 11 or SEP 12.1 is not required.
The tool itself can be downloaded from:
The Symantec Endpoint Protection Support Tool
Be sure to click "collect full data for support" and provide the resulting .sdbz file.
Please provide a .zip file containing the server's C:\ProgramData\Symantec\SMP\Logs or C:\ProgramData\Symantec\SMP\Logs\ directory. (NSDIAG.EXE can be used to create an NSDiag.cab.) This will enable Technical Support to use the Altiris Log Viewer to see the entries present on the server with the issue.
In some cases, the server's IIS logs will be useful. These should be supplied from the Mobile Security Gateway server which is having difficulty in deploying the .apk client or in maintaining communications between the Android clients and the SMP server.
Please refer to Microsoft documentation on how to log IIS traffic.
If the issue at hand is policy-related (mobile devices not performing as expected), please do provide an exported copy of the policy in question.
To export a policy from the Symantec Management Console (SMC):
- On the console, go to Home > Mobile Security > Device Management.
- Right-click on the policy in question (for example, Default Android Security Policy).
- Select Export.
Save this file to a location from which it can be uploaded or emailed to the Technical Support Engineer. The TSE will be able to import it into their own SMS 7.2 SMC and examine the configuration.
In some cases, it will be necessary to collect Mobile Security Gateway materials to perform an in-depth examination of the logs and files that are in place.
Simply locate the following directory paths and create an archive of their entire contents.
- C:\ProgramData\MobileSecurityGateway\Logs (This will collect the ConfigureSite.log, GatewayServiceLog.log, and GatewayServiceLog_Communications.log)
- C:\ProgramData\Symantec\MobileSecurity\EventArchives (a subdirectory exists for each Android client)
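The collection steps above can be scripted. The following PowerShell is an added example, not a Symantec tool: the source directories are the ones named in this article, while the output folder, archive name and manifest file are assumptions, and it needs PowerShell 5.0 or later for Compress-Archive.

```powershell
# Added example: bundle the log directories named in this article into one archive.
# $OutDir, the archive name and manifest.csv are assumptions, not product conventions.
param(
    [string]$OutDir = "$env:USERPROFILE\Desktop"
)

$sources = @(
    'C:\ProgramData\Symantec\SMP\Logs',
    'C:\ProgramData\MobileSecurityGateway\Logs',
    'C:\ProgramData\Symantec\MobileSecurity\EventArchives'
)

$stamp   = Get-Date -Format 'yyyyMMdd-HHmmss'
$staging = Join-Path $env:TEMP "SMS72-diag-$stamp"
$zip     = Join-Path $OutDir "SMS72-diag-$env:COMPUTERNAME-$stamp.zip"
New-Item -ItemType Directory -Path $staging -Force | Out-Null

$manifest = foreach ($src in $sources) {
    if (-not (Test-Path -LiteralPath $src)) {
        # SMP and the Gateway may run on different servers, so a missing path is expected.
        [pscustomobject]@{ Source = $src; Status = 'not present'; Files = 0 }
        continue
    }
    # Copy first: the services keep the live logs open, and archiving in place can fail.
    $dest = Join-Path $staging ($src -replace '^[A-Za-z]:\\', '' -replace '\\', '_')
    Copy-Item -LiteralPath $src -Destination $dest -Recurse -Force -ErrorAction Continue
    $count = @(Get-ChildItem -LiteralPath $dest -Recurse -File).Count
    [pscustomobject]@{ Source = $src; Status = 'copied'; Files = $count }
}

# The manifest records which directories were found on this server and how many files each held.
$manifest | Export-Csv -Path (Join-Path $staging 'manifest.csv') -NoTypeInformation
Compress-Archive -Path (Join-Path $staging '*') -DestinationPath $zip -Force
Remove-Item -LiteralPath $staging -Recurse -Force

# The hash lets the receiving engineer confirm the upload arrived intact.
Get-FileHash -LiteralPath $zip -Algorithm SHA256 | Format-List Path, Hash
$manifest | Format-Table -AutoSize
```

Run it from an elevated prompt on each server involved. The archive holds per-device event archives and, once message logging is enabled, raw HTTP request and reply data, so keep it under the same access controls as the servers it came from.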
This log file contains raw HTTP request and reply data before it gets processed by IIS. This is useful for debugging communication issues or for verifying the data being sent/received.
- Edit C:\Program Files\Symantec\MobileSecurityGateway\Web\Enrollment\web.config
- Uncomment the <extensions> element and set the Version of Symantec.Handheld.Gateway.Services.WcfMessageLoggerExtension to the EXACT version of the Gateway that you have installed. (for example: 7.2.695.0 or 7.2.721.0 - NOT the Agent version of 18.104.22.168)
- Uncomment the <WcfMessageLogger> elements for each of the <behavior> entries you want to log data for. There are 4 places this can be done.
- Change the <level> in the <logger> called "Communications" to have a value of "all". (This is at the end of the web.config.)
- Restart IIS using IIS Manager or by killing the W3WP.exe processes using Task Manager.
You should now see the following log file created.
Diagnostics from the Android device
It is possible to export detailed activity logs from the SMP about individual Android devices running SMS 7.2. These can be helpful for administrators and other troubleshooters. For details please see About Mobile Security Logs in Symantec Mobile Security 7.2.
If any additional items are needed (exports of database tables, etc.), the TSE will provide details on how to gather these materials.