Exporting log data to a text file
|Article:HOWTO81168|||||Created: 2012-10-24|||||Updated: 2013-10-07|||||Article URL http://www.symantec.com/docs/HOWTO81168|
When you export data from the logs to a text file, by default the files are placed in a folder. That folder path is drive:\Program Files\Symantec\Symantec Endpoint Protection Manager\data\dump. Entries are placed in a .tmp file until the records are transferred to the text file.
If you do not have Symantec Network Access Control installed, some of these logs do not exist.
You cannot restore the database by using exported log data.
Table: Log text file names for Symantec Endpoint Protection shows the correspondence of the types of log data to the names of the exported log data files. The log names do not correspond one-to-one to the log names that are used on the Logs tab of the Monitors page.
Table: Log text file names for Symantec Endpoint Protection
Table: Log text file names for the Enforcer logs shows the correspondence of the types of log data to the names of the exported log data files for the Enforcer logs.
Table: Log text file names for the Enforcer logs
Text File Name
Server Enforcer Activity
Enforcer Client Activity
When you export to a text file, the number of exported records can differ from the number that you set in the External Logging dialog box. This situation arises when you restart the management server. After you restart the management server, the log entry count resets to zero, but there may already be entries in the temporary log files. In this situation, the first *.log file of each type that is generated after the restart contains more entries than the specified value. Any log files that are subsequently exported contain the correct number of entries.
To export log data to a text file
In the console, click Admin.
Click the local site or remote site that you want to configure external logging for.
Click Configure External Logging.
On the General tab, select how often you want the log data to be sent to the file.
In the Master Logging Server list box, select the server that you want to send logs to.
If you use Microsoft SQL with more than one management server connecting to the database, only one server needs to be a Master Logging Server.
Check Export Logs to a Dump File.
If necessary, check Limit Dump File Records and type in the number of entries that you want to send at a time to the text file.
On the Log Filter tab, select all of the logs that you want to send to text files.
If a log type that you select lets you select the severity level, you must check the severity levels that you want to export.
Article URL http://www.symantec.com/docs/HOWTO81168