When logging a case with Technical Support for a MAR client-side issue, perform the following data gathering before opening your support case.
Gathering troubleshooting information before you submit your case speeds up the resolution process.
NOTE: Technical Support might request further data, depending on the issue:
First enable debug logging on the client. Modify the client's policy on your ePolicy Orchestrator (ePO) server:
- Log on to the ePO console.
- Click Menu, Policy, Policy Catalog.
- From the Product drop-down list, select Active Response.
- Click the General policy. Or, create a policy.
- Click the Logger tab.
- Select the needed logging level.
NOTE: For most issues, Debug level is sufficient, but we might direct you to select a different level.
- Click the General tab.
- Deselect Enable data folder protection.
- Click Save.
- Make sure that the policy is assigned to the client.
- Send an agent wake-up call to the client.
The Active Response client has two features. Specific data is needed, depending on which feature is experiencing issues.
To fully understand an issue, you need logging from the client and server sides of the conversation.
It's important that we have logs from both the Active Response Client and Active Response Server, which cover the same time period and show the issue.
An MER from both the client and server is needed if the logging alone doesn't fully explain the issue.
Many times, data included in the MER is needed, which includes the following:
- Environmental variables
- Running processes
- Other managed products installed
- Exact version numbers of all our products such as ePO, Endpoint Security, McAfee agent, DXL.