Views:

Why is the xES Sensor failing to connect?

TrendAI Vision One™ Endpoint (Cloud Endpoint, Endpoint Response) leverages cURL to communicate with backend services, such as download installer / policy and upload telemetry / detection. In situation where it is proxy configured, the following HTTP error can be see in the communication payload from the agent debug log:

"http_error": {

        "net_status": 56,

        "network_status_message": "Failure when receiving data from the peer",

        "status": 0,

        "status_category": 0

    },

There are situations where the proxy server is configured, but responses from the proxy server cannot be understood by the endpoint's cURL module. It is suggested to bypass the *.trendmicro.com FQDN in the proxy and let the communications not pass through the proxy server.

In Endpoint Basecamp in similar cases, "*.trendmicro.com" in bypass proxy setting is suggested, but note that "*.trendmicro.com" with asterisk "*" is not supported by cURL module.

Based on this information it is suggested to add another item "trendmicro.com" to support cURL module if adding "*.trendmicro.com" has already been suggested.

Step-by-Step Procedure on How to Bypass Proxy for TrendAI Vision One™

1. Configure Proxy Bypass on the Endpoint

Set up the bypass_proxy setting manually on the target endpoint to let the communication.

Proxy Bypass for Windows 11:

  1. Click Start, then navigate to Settings > Network & Internet > Proxy.
  2. Under "Manual proxy setup" next to "Use a proxy server", select Set up.
  3. In the "Edit proxy server" dialog box, locate the field "Use the proxy server except for addresses that start with following entries..." and add the new item "trendmicro.com".
  4. Click Save.

Proxy Bypass for Windows 10:

  1. Click Start, then navigate to Settings > Network & Internet > Proxy.
  2. Verify that "Manual proxy setup" has already been turned on.
  3. In the field "Use the proxy server except for addresses that start with following entries..." and add the new item "trendmicro.com".
  4. Click Save.

Proxy Bypass General Setup for Windows:

  1. Open the Control Panel, click Network and Internet then select Internet Options.
  2. Go to the Connections tab and click LAN settings.
  3. Under Proxy Server, turn on "Use a proxy server for your LAN".
  4. In the field "Use the proxy server except for addresses that start with following entries..." and add the new item "trendmicro.com".
  5. Click Save.

2. Verify and Re-trigger Installation

Once the bypass is configured, you must refresh the sensor's connection state:

  1. Trigger the TrendAI Vision One™ Endpoint install to check if the function returns to normal.
  2. Trigger the feature from TrendAI Vision One™ Console again to check if the function returns to normal.
Keywords: how to fix TrendAI Vision One failed to enable XES, how to fix xES sensor failed to install error in TrendAI Vision One, how to fix TrendAI Vision One Cloud Endpoint Service sensor for Windows OS, how to fix Trend Vision One failed to enable XES, how to fix xES sensor failed to install error in Trend Vision One, how to fix Trend Vision One Cloud Endpoint Service sensor for Windows OS,