On a standalone agent, the history_ids.csv file does not get created after applying a detection policy. The history_ids.csv file contains records of policies that are accepted (successfully applied) or rejected.
On Windows, use the Event Viewer to verify policy application. If a prevention policy is applied to the agent, you require permission in the policy to open the event viewer.
See the Giving privileges to run the agent event viewer section in the online help.
On Linux, see the SISIDSEvents.csv file to verify policy application. If a prevention policy is applied to the agent, you require to disable prevention in order to view the contents of the SISIDSEvents.csv file.
Affected agent operating systems: All Windows and Linux operating systems
This issue has been resolved in Symantec™ Embedded Security: Critical System Protection release 1.0.1.
ID: 3678858, 3713605
Imported Document ID: TECH228472
Subscribing will provide email updates when this Article is updated. Login is required.