SEP log files location

Article:TECH141236  |  Created: 2010-10-05  |  Updated: 2010-11-18  |  Article URL
Article Type
Technical Solution



You need to know the function of each of the log files available in the Symantec Endpoint Protection client, for automated parsing to collect information, for instance.


In the C:\Program Files\Symantec\Symantec Endpoint Protection, one may find:
  • AVMan.log - AV Management plugin log (contains copies of all AV events)
  • GUProxy.log - GUP plugin log (if you have a GUP enabled)
  • LUMan.log - SEP Client LiveUpdate plugin log
  • processlog.log - Application and Device Control log
  • rawlog.log - Firewall Packet log
  • seclog.log - Security log (IPS events mainly)
  • syslog.log - System log
  • tralog.log - Firewall Traffic log

Article URL

Terms of use for this information are found in Legal Notices