cancel
Showing results for 
Search instead for 
Did you mean: 
TimoL
Level 7
Report Inappropriate Content
Message 1 of 2

SIEM | ePolicy Orchestrator data source stops gathering events

ePolicy Orchestrator data source stops gathering events

Error log 

tail -f -n 50 /var/log/epo.24

 

Mar 11 14:19:25 L_ERROR 01906|ct_fetch returned* _FAIL at [collector/connector/mssql/ntds.c:209 (tds_exec_reader)]
Mar 11 14:19:25 L_ERROR 01906|tds_exec_reader failed at [collector/connector/mssql/tds_connector.c:194 (tds_connector_exec_query)]
Mar 11 14:19:25 L_ERROR 01906|exec_query failed at [collector/connector/connector.c:165 (connector_exec_query)]
Mar 11 14:19:25 L_ERROR 01906|Failed to execute query at [collector/client/client_wrapper.c:143 (client_wrapper_get_data)]
Mar 11 14:19:25 L_ERROR 01906|An error occurred, sleeping for 5 min(s), 00 sec(s) or 300s before retrying

 

epo SQL Connect test via GUI -> OK

 

The datasource works fine for a long time. now it stops working

 

any ideas?

ESM 10.3.4

1 Reply

Re: SIEM | ePolicy Orchestrator data source stops gathering events

Any resolution to this?

 

/Mikael

More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator
  • Community Help Hub

      New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

    • Find Forum FAQs
    • Learn How to Earn Badges
    • Ask for Help
    Go to Community Help

    Join the Community

      Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

    • Get helpful solutions from McAfee experts.
    • Stay connected to product conversations that matter to you.
    • Participate in product groups led by McAfee employees.
    Join the Community
    Join the Community