The following messages are output to the event log of the Symantec Endpoint Protection Manager server when it notifies the Resource Orchestrator manager of security risks.
Level
INFORMATION
Source
JSE_SWRC_FJSVRCXMGR
Event ID
201
Description
Execution of the Symantec coordination batch file (rcx_quarantine_lserver.bat) has started.
For UUID, a UUID assigned to each process is displayed.
Corrective Action
No action is necessary.
Level
INFORMATION
Source
JSE_SWRC_FJSVRCXMGR
Event ID
202
Description
Execution of the Symantec coordination batch file (rcx_quarantine_lserver.bat) has completed.
For UUID, a UUID assigned to each process is displayed.
Corrective Action
No action is necessary.
Level
ERROR
Source
JSE_SWRC_FJSVRCXMGR
Event ID
601
Description
Execution of the Symantec coordination script file (rcx_quarantine_lserver.ps1) failed.
For UUID, a UUID assigned to each process is displayed.
Corrective Action
Collect the event log (application log), and contact Fujitsu technical staff.
Level
INFORMATION
Source
JSE_SWRC_FJSVRCXMGR
Event ID
211
Description
Execution of the Symantec coordination script file (rcx_quarantine_lserver.ps1) has started.
For UUID, a UUID assigned to each process is displayed.
Corrective Action
No action is necessary.
Level
INFORMATION
Source
JSE_SWRC_FJSVRCXMGR
Event ID
212
Description
A security risk has occurred on the virtual PC or physical server with the IP address displayed in "IP Address".
For UUID, a UUID assigned to each process is displayed.
Corrective Action
No action is necessary.
Level
INFORMATION
Source
JSE_SWRC_FJSVRCXMGR
Event ID
213
Description
Execution of the Symantec coordination script file (rcx_quarantine_lserver.ps1) has completed.
For UUID, a UUID assigned to each process is displayed.
Corrective Action
No action is necessary.
Level
WARNING
Source
JSE_SWRC_FJSVRCXMGR
Event ID
411
Description
An attempt to issue a REST API to the Resource Orchestrator manager to quarantine an L-Server failed.
Issuing will be re-attempted in one second.
For UUID, a UUID assigned to each process is displayed.
Corrective Action
No action is necessary.
Level
ERROR
Source
JSE_SWRC_FJSVRCXMGR
Event ID
611
Description
The environment definition file (rcx.config) does not exist.
Corrective Action
Use the rcx_register_ror.ps1 create command to create the environment definition file.
Level
ERROR
Source
JSE_SWRC_FJSVRCXMGR
Event ID
612
Description
Reading of the environment definition file (rcx.config) failed.
For UUID, a UUID assigned to each process is displayed.
Corrective Action
Check whether it is possible to access the environment definition file.
Level
ERROR
Source
JSE_SWRC_FJSVRCXMGR
Event ID
613
Description
The IP address of the virtual PC or physical server on which a security risk occurred was not received in a notification from Symantec Endpoint Protection Manager.
Preparation of Symantec Endpoint Protection Manager may not have been performed correctly.
For UUID, a UUID assigned to each process is displayed.
Corrective Action
Refer to "2.1 Preparations for Using the Automatic Quarantining Function", and check whether the antivirus software settings are correct.
Level
ERROR
Source
JSE_SWRC_FJSVRCXMGR
Event ID
614
Description
The IP address of the virtual PC or physical server on which a security risk occurred could not be obtained from the notification from Symantec Endpoint Protection Manager.
Preparation of Symantec Endpoint Protection Manager may not have been performed correctly.
For UUID, a UUID assigned to each process is displayed.
Corrective Action
Refer to "2.1 Preparations for Using the Automatic Quarantining Function", and check whether the antivirus software settings are correct.
Level
ERROR
Source
JSE_SWRC_FJSVRCXMGR
Event ID
615
Description
An attempt to issue a REST API to the Resource Orchestrator manager to quarantine an L-Server failed.
For UUID, a UUID assigned to each process is displayed.
In detail, the detailed message is displayed.
Corrective Action
Use the rcx_register_ror.ps1 show command to check whether Resource Orchestrator user information is registered correctly.
Check whether the Resource Orchestrator manager is operating correctly.
Confirm the content of detail, and take corrective action.
If taking the above corrective action does not solve the problem, collect the Windows event log (application log) and troubleshooting data of the Resource Orchestrator manager, and contact Fujitsu technical staff.
Level
ERROR
Source
JSE_SWRC_FJSVRCXMGR
Event ID
616
Description
An attempt to issue a REST API to the Resource Orchestrator manager to quarantine an L-Server failed. Issuing of a REST API failed three times in a row due to a service being temporarily unavailable.
For UUID, a UUID assigned to each process is displayed.
In detail, the detailed message is displayed.
Corrective Action
Use the rcx_register_ror.ps1 show command to check whether Resource Orchestrator user information is registered correctly.
Check whether the Resource Orchestrator manager is operating correctly.
Confirm the content of detail, and take corrective action.
If taking the above corrective action does not solve the problem, collect the Windows event log (application log) and troubleshooting data of the Resource Orchestrator manager, and contact Fujitsu technical staff.
