Configuring client log settings

Article:HOWTO26891

Created: 2010-01-08

Updated: 2010-01-15

Article URL http://www.symantec.com/docs/HOWTO26891

Article Type
How To

Product(s)

Show all

Environment

Show all

CLOSE X

Windows Server 2008
Web Edition (x86) SP2, Web Edition (x86), Web Edition (x64) SP2, Web Edition (x64), Standard (x86-32bit) SP2, Standard (x86-32bit), Standard (x64-64bit) SP2, Standard (x64-64bit), Server Core, Enterprise (x86-32bit) SP2, Enterprise (x86-32bit), Enterprise (x64-64bit) SP2, Enterprise (x64-64bit), DataCenter (x86-32bit) SP2, DataCenter (x86-32bit), DataCenter (x64-64bit) SP2, DataCenter (x64-64bit)

Windows Server 2008 R2
WebServer (x64-64bit), Standard (x64-64bit), Enterprise (x64-64bit), DataCenter (x64-64bit)

VMWare ESX
4.0, 3.5 U4, 3.5 U3, 3.5 U2, 3.5 U1, 3.5, 3.0.2, 3.0.1, 3.0, 2.5

Windows XP
Pro 5.1 SP3, Pro 5.1 SP2, Pro 5.1 SP1, Pro 5.1 64 bit SP3, Pro 5.1 64 bit SP2, Pro 5.1 64 bit SP1, Embedded SP3, Embedded SP2, Embedded SP1

Windows Vista
Ultimate RC2, Ultimate (x86) 6.0.6000, Ultimate (x64) 6.0.6000, Starter (x86) 6.0.6000, RC2, Home RC2, Home Premium RC2, Home Premium (x86) 6.0.6000, Home Premium (x64) 6.0.6000, Home Basic (x86) 6.0.6000, Home Basic (x64) 6.0.6000, Enterprise RC2, Enterprise 6.0.6000, Business RC2, Business (x86) 6.0.6000, Business (x64) 6.0.6000

Windows Small Business Server 2008
Standard Edition, Premium Edition

Windows Server 2003 R2
Web Edition (x86), Web Edition (x64), Storage Server Edition (x86), Storage Server Edition (x64), Standard Edition (x86), Standard Edition (x64), Enterprise Edition (x86), Enterprise Edition (x64), Datacenter Edition (x86), Datacenter Edition (x64)

GSX Server for Windows
3.2

Windows Server 2003
Web Server, Web Edition SP2, Web Edition SP1, Storage Server SP2, Storage Server SP1, Storage Server (x64) SP2, Storage Server (x64) SP1, Storage Server (x64), Storage Server, Standard Server(x64), Standard Server SP2 (x64), Standard Server SP2, Standard Server SP1 (x64), Standard Server SP1, Standard Server, Enterprise SP2(x64), Enterprise SP2, Enterprise SP1(x64), Enterprise SP1(IA64), Enterprise ServerSP1, Enterprise Server, Enterprise (x64), Enterprise (IA64), Datacenter SP2(x64), DataCenter SP2

VMware Workstation
6.5, 6.0, 5.0

Windows Small Business Server 2003
Standard Edition

Windows Fundamentals for Legacy PCs
5.1 SP3

Languages

Show all

Configuring client log settings

If you have installed Symantec Endpoint Protection, you can configure some client log options. You can configure the number of entries kept in the logs and the number of days that each entry is kept on the client.

You can configure settings for the following client logs:

Control
Packet
Risk
Security
System
Traffic

lf you have Symantec Network Access Control installed, you can enable and disable logging, and send Enforcer logs to the management server. You can also configure the number of log entries and the number of days the entries are kept on the client.

For more information about the Enforcer logs, see the Implementation Guide for Symantec Network Access Control Enforcement.

For the Security, Risk, and Traffic logs, you can also configure the damper period and the damper idle period to be used for event aggregation.

You can configure whether or not to upload each type of client log to the server, and the maximum size of the uploads.

If you choose not to upload the client logs, it has the following consequences:

You cannot view the client log data from the Symantec Endpoint Protection Manager console by using the Logs tab on the Monitoring page.
You cannot back up the client logs when you back up the database.
You cannot export the client log data to a file or a centralized log server.

To configure client log settings

On the console, click Clients.
On the Policies tab, under Location-independent Policies and Settings, under Settings, click Client Log Settings.
In the Client Log Settings for group name dialog box, set the maximum file size and the number of days to keep log entries.
Check Upload to management server for any logs that you want the clients to forward to the server.
For the Security log and Traffic log, set the damper period and the damper idle period.
These settings determine how frequently Network Threat Protection events are aggregated.
Set the maximum number of entries that you want a client to upload to the manager at a time.
Click OK.

Legacy ID

349248

Article URL http://www.symantec.com/docs/HOWTO26891

Configuring client log settings

Configuring client log settings

Legacy ID

Please Sign In

Knowledge Base Search

Knowledge Base Search

MySymantec

MySymantec

Contacting Support

Contacting Support