Collecting Forcepoint DLP Logs for Analysis
- Article Number: 000018582
- Products: Forcepoint DLP, Forcepoint DLP Endpoint, Forcepoint One Endpoint
- Version: 8.7, 8.6, 8.5, 8.4
- Last Published Date: July 21, 2020
I have encountered an issue with my Forcepoint DLP environment and wish to open a Support case for assistance. What log files from the environment would be useful for the technician to check?
When creating a case with Forcepoint Technical Support, please ensure that the correct version number is provided. Be as descriptive as possible when explaining the issue.
The logs of interest are dependent on the component that is experiencing the issue. Please refer to each section below for more information and note that this is not a comprehensive list.
DLP Manager ServerFor issues with the following:
Secondary Server(s) - Discovery/Fingerprinting Crawler, Endpoint Server, OCR ServerFor issues with the following:
Linux Appliances - Web Content Gateway, Email Security Gateway, DLP Protector, Analytics EngineNOTE For appliances provided by Forcepoint, assistance from Technical Support is needed to obtain root access to the machines. A tool such as WinSCP can be used to pull files from the environment.
For issues with the following:
Endpoint ClientsFor issues with the following:
CASBFor issues with the following:
Keywords: DLP Data Security; How do I collect logs: SVOS: SVOP; Open Case; Protector; WCG; ESG; CASB; Data Security Manager; Policy Issue; DLP Console Not Working; Policy Not Working; ServerInfo