In order to help troubleshoot an issue with Symantec Mobile Security 7.2 (SMS 7.2), Symantec Technical Support are requesting diagnostic materials. How can these be gathered?
Symantec Mobile Security 7.2 is a complex product with components on several different locations. Technical Support Engineers (TSE's) will often require specific materials in order to gain a complete picture of the servers, environment, devices and policies involved. Below are details on some of the items they may request, and steps on how to collect them.
Symantec Endpoint Protection Support Tool
The SEP Support Tool is a handy diagnostic tool that will collect information about the Windows server upon which the Symantec Management Platform (SMP) is running. The details within will provide the TSE with information about the version of OS and software that runs on it, network addresses, connections, free disk space and so on. An illustrated article on how to run the Symantec Endpoint Protection Support Tool can be found in the following Connect forum article:
Be sure to click "collect full data for support" and provide the resulting .sdbz file.
Please provide a .zip file containing the server's C:\ProgramData\Symantec\SMP\Logs or C:\ProgramData\Symantec\SMP\Logs\ directory. (NSDIAG.EXE can be used to create a NSDiag.cab) This will enable Technical Support to use the Altiris Log Viewer to see the entries present on the server with the issue.
In some cases, the server's IIS logs will be useful. These should be supplied from the Mobile Security Gateway server which is having difficulty in deploying the .apk client or in maintaining communications between the Android clients and the SMP server.
Please refer to Microsoft documentation on how to log IIS traffic.
If the issue at hand is policy-related (mobile devices not performing as expected), please do provide an exported copy of the policy in question.
To export a policy from the Symantec Management Console (SMC):
On the console, go to Home> Mobile Security > Device Management
Right-click on the policy in question (for example, Default Android Security Policy)
Save this file to a location from which it can be uploaded or emailed to the Technical Support Engineer. The TSE will be able to import it into their own SMS 7.2 SMC and examine the configuration.
In some cases, it will be necessary to collect Mobile Security Gateway materials to perform an in-depth examination of the logs and files that are in place.
Simply locate the following directory paths and create an archive of their entire contents.
C:\ProgramData\MobileSecurityGateway\Logs (This will collect the ConfigureSite.log, GatewayServiceLog.log, and GatewayServiceLog_Communications.log)
C:\ProgramData\Symantec\MobileSecurity\EventArchives (a subdirectory exists for each Android client)
This log file contains raw HTTP request and reply data before it gets processed by IIS. This is usefully for debugging communication issues or for verifying the data being sent/received.
Uncomment the <extensions> element and set the Version of Symantec.Handheld.Gateway.Services.WcfMessageLoggerExtension to the EXACT version of the Gateway that you have installed. (for example: 7.2.695.0 or 7.2.721.0 - NOT the Agent version of 184.108.40.206)
Uncomment the <WcfMessageLogger> elements for each of the <behavior> entries you want to log data for. There are 4 places this can be done.
Change the <level> in the <logger> called "Communications" to have a value of "all". (This is at the end of the web.config.)
Restart IIS using IIS Manager or by killing the W3WP.exe processes using task manager.
You should now see the following log file created.
In some cases, it is necessary to collect the Symantec logs and other diagnostic information from the affected Android device. In these cases, the Tech Support Engineer will provide a special "Symantec Support Tool for Android" tool.
If any additional items are needed (exports of database tables, etc) the TSE will provide details on how to gather these materials.
Imported Document Id
This is machine translated content
Login to Subscribe
Please login to set up your subscription.
Didn't find the article you were looking for? Try these resources.