Malware detections in Email Security.cloud take more than an hour to arive at ATP appliance
Last Updated June 20, 2016
Within the portal for Email Security.cloud, Email Track and Trace shows one or more messages with attachments that were detected as malware. However, these malware detection events do not appear in the Events page of the Advanced Threat Protection (ATP) Platform after one hour passes.
No error message is visible in the UI of the ATP appliance.
On the Settings> Global Settings page of the ATP UI, the Synapse correlation is enabled.
The status of the Email Security.cloud correlation is Healthy.
To diagnose this matter, please upload logs within the command line interface (CLI) of ATPP, then open a technical case with Symantec Technical Support for assistance.
To upload log evidence
Within the CLI, log in as admin.
When the command is complete, type: bsupport
Copy the UUID from the output of the bsupport command, and paste that into the support case to permit support to locate and process the log evidence.
Subscribing will provide email updates when this Article is updated. Login is required to Subscribe