Exporting log data to a text file

Article:HOWTO81168  |  Created: 2012-10-24  |  Updated: 2013-10-07  |  Article URL http://www.symantec.com/docs/HOWTO81168
Article Type
How To


Subject


Exporting log data to a text file

When you export data from the logs to a text file, by default the files are placed in a folder. That folder path is drive:\Program Files\Symantec\Symantec Endpoint Protection Manager\data\dump. Entries are placed in a .tmp file until the records are transferred to the text file.

If you do not have Symantec Network Access Control installed, some of these logs do not exist.

Note:

You cannot restore the database by using exported log data.

Table: Log text file names for Symantec Endpoint Protection shows the correspondence of the types of log data to the names of the exported log data files. The log names do not correspond one-to-one to the log names that are used on the Logs tab of the Monitors page.

Table: Log text file names for Symantec Endpoint Protection

Log Data

Text File Name

Server Administration

scm_admin.log

Application and Device Control

agt_behavior.log

Server Client

scm_agent_act.log

Server Policy

scm_policy.log

Server System

scm_system.log

Client Packet

agt_packet.log

Client Proactive Threat

agt_proactive.log

Client Risk

agt_risk.log

Client Scan

agt_scan.log

Client Security

agt_security.log

Client System

agt_system.log

Client Traffic

agt_traffic.log

Table: Log text file names for the Enforcer logs shows the correspondence of the types of log data to the names of the exported log data files for the Enforcer logs.

Table: Log text file names for the Enforcer logs

Log Data

Text File Name

Server Enforcer Activity

scm_enforcer_act.log

Enforcer Client Activity

enf_client_act.log

Enforcer System

enf_system.log

Enforcer Traffic

enf_traffic.log

Note:

When you export to a text file, the number of exported records can differ from the number that you set in the External Logging dialog box. This situation arises when you restart the management server. After you restart the management server, the log entry count resets to zero, but there may already be entries in the temporary log files. In this situation, the first *.log file of each type that is generated after the restart contains more entries than the specified value. Any log files that are subsequently exported contain the correct number of entries.

To export log data to a text file

  1. In the console, click Admin.

  2. Click Servers.

  3. Click the local site or remote site that you want to configure external logging for.

  4. Click Configure External Logging.

  5. On the General tab, select how often you want the log data to be sent to the file.

  6. In the Master Logging Server list box, select the server that you want to send logs to.

    If you use Microsoft SQL with more than one management server connecting to the database, only one server needs to be a Master Logging Server.

  7. Check Export Logs to a Dump File.

  8. If necessary, check Limit Dump File Records and type in the number of entries that you want to send at a time to the text file.

  9. On the Log Filter tab, select all of the logs that you want to send to text files.

    If a log type that you select lets you select the severity level, you must check the severity levels that you want to export.

  10. Click OK.


Legacy ID



v8440135_v81626096


Article URL http://www.symantec.com/docs/HOWTO81168


Terms of use for this information are found in Legal Notices