How to enable debug logging on the Symantec Integrated Enforcer Plugin

Article:TECH105599  |  Created: 2008-01-11  |  Updated: 2011-12-22  |  Article URL
Article Type
Technical Solution


With the Symantec Network Access Control (SNAC) product, what are the steps to enable debug logging on the Symantec Integrated Enforcer Plugin?



Debug logs for the Symantec Integrated Enforcer Plugin are saved to the "Debug" subfolder of the Enforcer installation directory, typically:

C:\Program Files\Symantec\Integrated Enforcer\Debug\debug.log
C:\Program Files\Symantec\Integrated Enforcer\Debug\snacDebugLog.log

To enable more detailed logging set the following registry key:

[HKEY_LOCAL_MACHINE\SOFTWARE\Symantec Endpoint Protection\SNAC\Enforcer\integratedenf]


The full list of available debug levels are: DISABLE, FATAL, ERROR, INFORMATION, SUPPORT AND ENGINEER
The default level is INFORMATION.

The debug.log and snacDebugLog.log files are in use and cannot be read or copied while the Enforcer services are running. To collect the files, temporarily stop the "Symantec Integrated Enforcer" and "Symantec NAC Communication Service" services.

Also see

TECH102413 - How to: Debug the Symantec Endpoint Protection Manager (SEPM) console
TECH103211 - How to: Enable debugging of the Symantec Enforcer Appliance
TECH102412 - How to debug the Symantec Endpoint Protection client

Legacy ID


Article URL

Terms of use for this information are found in Legal Notices