Creating exceptions from log events in Symantec Endpoint Protection Manager

Article:HOWTO55214  |  Created: 2011-06-29  |  Updated: 2011-12-16  |  Article URL http://www.symantec.com/docs/HOWTO55214
Article Type
How To


Subject


Creating exceptions from log events in Symantec Endpoint Protection Manager

You can create exceptions from log events for virus and spyware scans, SONAR, application control, and Tamper Protection.

Table: Exceptions and log types

Exception Type

Log Type

File

Risk log

Folder

Risk log

SONAR log

Known risk

Risk log

Extension

Risk log

Application

Risk log

SONAR log

Trusted Web domain

Risk log

SONAR log

Application control

Application and Device Control log

Tamper Protection

Application Control log

See Monitoring endpoint protection

Symantec Endpoint Protection must have already detected the item for which you want to create an exception. When you use a log event to create an exception, you specify the Exceptions policy that should include the exception.

See Managing exceptions for Symantec Endpoint Protection

See Creating exceptions for Symantec Endpoint Protection

To create exceptions from log events in Symantec Endpoint Protection Manager

  1. On the Monitors tab, click the Logs tab.

  2. In the Log type drop-down list, select the Risk log, SONAR log, or Application and Device Control log.

  3. If you selected Application and Device Control, select Application Control from the Log content list.

  4. Click View Log.

  5. Next to Time range, select the time interval to filter the log.

  6. Select the entry or entries for which you want to create an exception.

  7. Next to Action, select the type of exception that you want to create.

    The exception type that you select must be valid for the item or items that you selected.

  8. Click Apply.

  9. In the dialog box, remove any items that you do not want to include in the exception.

  10. For security risks, check Log when the security risk is detected if you want Symantec Endpoint Protection to log the detection.

  11. Select all of the Exceptions policies that should use the exception.

  12. Click OK.


Legacy ID



v40057916_v59371754


Article URL http://www.symantec.com/docs/HOWTO55214


Terms of use for this information are found in Legal Notices