Specifying client log size and which logs to upload to the management server
Company policy might require you to increase the time and type of log events that the database keeps. You can specify the number of entries kept in the logs and the number of days that each entry is kept on the client.
You can configure whether or not to upload each type of client log to the server, and the maximum size of the uploads. If you choose not to upload the client logs, it has the following consequences:
You cannot view the client log data from the Symantec Endpoint Protection Manager console by using the Logs tab on the Monitors page.
You cannot back up the client logs when you back up the database.
You cannot export the client log data to a file or a centralized log server.
Some client log settings are group-specific and some are set in the Virus and Spyware Protection policy, which can be applied to a location. If you want all remote client log and office client log settings to differ, you must use groups instead of locations to manage remote clients.
See Specifying how long to keep log entries in the database.
To specify client log size and which logs to upload to the management server
On the console, click , and select a group.
On the Policies tab, under Location-independent Policies and Settings, click .
In the Client Log Settings for group name dialog box, set the maximum file size and the number of days to keep log entries.
Check for any logs that you want the clients to forward to the server.
For the Security log and Traffic log, set the damper period and the damper idle period.
These settings determine how frequently Network Threat Protection events are aggregated.