SEP log files location

Article:TECH141236  |  Created: 2010-10-05  |  Updated: 2010-11-18  |  Article URL http://www.symantec.com/docs/TECH141236
Article Type
Technical Solution


Environment

Issue



You need to know the function of each of the log files available in the Symantec Endpoint Protection client, for automated parsing to collect information, for instance.


Solution



In the C:\Program Files\Symantec\Symantec Endpoint Protection, one may find:
 
  • AVMan.log - AV Management plugin log (contains copies of all AV events)
  • GUProxy.log - GUP plugin log (if you have a GUP enabled)
  • LUMan.log - SEP Client LiveUpdate plugin log
  • processlog.log - Application and Device Control log
  • rawlog.log - Firewall Packet log
  • seclog.log - Security log (IPS events mainly)
  • syslog.log - System log
  • tralog.log - Firewall Traffic log



Article URL http://www.symantec.com/docs/TECH141236


Terms of use for this information are found in Legal Notices