How to convert Protection Engine .LOG files to CSV format

Article:TECH201250  |  Created: 2012-12-31  |  Updated: 2013-02-18  |  Article URL http://www.symantec.com/docs/TECH201250
Article Type
Technical Solution


Subject

Issue



This article contains the instructions on how to convert Symantec Protection Engine's (SPE) .LOG files into CSV format.


Solution



The following command must be run from within the Symantec Protection Engine's main folder (e.g. C:\Program Files\Symantec\Scan Engine):

java -cp servers.jar;xalan.jar;commons-lang3-3.1.jar com.symantec.reporting.LogFileConverter -c <path to .LOG file> 

Note: in order for the "java" command to run, the Java Runtime Environment binary files location must be added to the PATH environment variable (e.g. %PATH%) 

 

Example:

C:\Program Files (x86)\Symantec\Scan Engine>java -cp servers.jar;xalan.jar;commons-lang3-3.1.jar com.symantec.reporting.LogFileConverter -c LOG\SSE20121213.log

Date/time of event,Event,Event Severity Level,URL,File name,File status,Component name,Component disposition,Scan Rule,Virus name,
Virus ID,Mail Policy Violation,Container Violation,File Attribute Violation,Matching URL,Categories,DDR Score,Scan Duration (sec),
Connect Duration (sec),Product Version,Decomposer Version,Virus definitions,Symantec URL Definitions,DDR Definitions Version,Previ
ous virus definitions,Previous Symantec URL Definitions,Previous DDR Definitions Version,Definitions,Outbreak Events,Outbreak Inte
rval (sec),Error Message,Feature Name,Expiration Date,Scanner,Result ID,Symantec Protection Engine threshold queue size,Symantec P
rotection Engine number of queued items,Client SID,Client Computer,Client IP,Server IP,Subscriber ID,Logging Destination,Symantec
Protection Engine IP address,Symantec Protection Engine Port number,Uptime (in seconds),Filer IP,RPC Request ID,Non Viral Threat N
ame,Non Viral Threat ID,Security Risk Definitions,Statistics String,Start Time,End Time,Configured Scan Requests per second,Scan R
equests per second,Update Method,Security Risk Category,CAIC URL Definitions,Previous CAIC URL Definitions,User Login Name,Console
 IP,Group name,Warning Message,Uber Category,Sub Category ID,Sub Category Name,Sub Category Description,Cumulative Risk Rating,Per
formance impact,Privacy impact,Ease of removal,Stealth
Thu Dec 13 08:11:53 EST 2012,Startup,Information,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,192.168.2.10,1344,65,,,,,,,,,,,,,,,,,,,,,
,,,,,,
Thu Dec 13 08:11:53 EST 2012,Version Information,Information,,,,,,,,,,,,,,,,,7.0.0.46,5.2.0.16,20121209.006,20100817.045,,,,,,,,,,
,,,,,,,,,,,192.168.2.10,1344,65,,,,,,,,,,,,,20121207.033,,,,,,,,,,,,,,
 




Article URL http://www.symantec.com/docs/TECH201250


Terms of use for this information are found in Legal Notices