How to read and convert the Symantec Scan Engine 5.x log file

Article:TECH84204  |  Created: 2006-01-06  |  Updated: 2013-08-29  |  Article URL http://www.symantec.com/docs/TECH84204
Article Type
Technical Solution


Environment

Issue



You want to read the log file generated by Symantec Scan Engine 5.x


Solution




In order of least effort, the following methods exist for reading the Scan Engine logs:

    • In the Scan Engine web interface, on Reports> Detailed, click all the options and select the time range you wish to examine.
    • At the command line interface (CLI) of the operating system where Scan Engine is installed, use the servers.jar file with Java Runtime Environment (JRE) 1.4.2 to display the logs in human-readable form.
    • If Scan Engine is mounted on Windows, you can examine corresponding log entries from a source of SYMCScan in the Application Log of the Windows Event Viewer.




To display the logfile in the web interface of Scan Engine 5.x

    1. In the web interface, on the primary navigation bar, click Reports.
    2. In the sidebar under Views, click Detailed.
      In the content area under Log View Page, in the Date range boxes, type the start and end dates for the range you want to report.
      Specify a date in MM/DD/YY format. For example, 02/25/06.
    3. If desired, In the Time range boxes, type the daily start and end times for which you want to report.
      Specify a 24-hour time in HH:MM:SS format. For example, 23:30:00 is 11:30 P.M.
    4. Check any activities for which you want to view the log data.
      To select all items in every category, press Ctrl+A on your keyboard.
      To unselect all items in every category, press Ctrl+Z on your keyboard.
    5. In the sidebar under Tasks, click Generate Report.




To convert the logfile to human-readable format via command line for Windows/Linux/Solaris

    1. Log into Windows with an account that has local Administrator rights
    2. Click Start. Click Run.
    3. In the run field, type: cmd
    4. Click OK.
    5. Change directory to the Scan Engine program directory.

      Windows 32-bit OS: c:\Program Files\Symantec\Scan Engine
      Windows 64-bit OS: c:\Program Files (x86)\Symantec\Scan Engine
      Linux/Solaris: /opt/SYMCScan/bin

       
    6. To parse the logfile with Java, type the following command: java -cp servers.jar;xalan.jar com.symantec.reporting.LogFileConverter .\log\SSExxxxx.log
    7. Java will convert the contents of the log file to a "human readable" form and send it to the STDOUT device.

 

To convert the logfile to a CSV file via command line for Windows/Linux/Solaris

    1. Log into Windows with an account that has local Administrator rights
    2. Click Start. Click Run.
    3. In the run field, type: cmd
    4. Click OK.
    5. Change directory to the Scan Engine program directory.

      Windows 32-bit OS: c:\Program Files\Symantec\Scan Engine
      Windows 64-bit OS: c:\Program Files (x86)\Symantec\Scan Engine
      Linux/Solaris: /opt/SYMCScan/bin

    6. To parse the logfile with Java, type the following command: java -cp servers.jar;xalan.jar com.symantec.reporting.LogFileConverter -c .\log\SSExxxxx.log > .\output.csv



To locate corresponding log entries in the Application Log of Windows Event Viewer

    1. Click Start> Run
    2. Type: eventvwr
    3. Click OK.
    4. In the left pane, click Application.
    5. Click View.
    6. Click Filter.
    7. In the Event Source dropdown box, select "SYMCScan"
    8. To review an individual event,double-click on it.


 

 

Note: In KB, TECH134905, we provide an executable JAR file which converts the Symantec Scan Engine 5.x log file(s); as well as provides warning message, error message, and load analysis. 

 



Technical Information
As of this writing, it is not possible to use a JRE 1.5.x or later to run the command. You need to have a JRE 1.4 installed somewhere.

It is possible to map the C drive of the scan engine to a different machine and run the command, if JRE 1.5 is installed on the ScanEngine itself.


To export a list of events from Windows Event Viewer in .csv format

    1. Click Application on the left pane, then click Export List...
    2. In the Save As Type dropdown box, click "Text (Comma Delimited) (*.csv)"
    3. Type a filename for the list you are exporting.
    4. Click Save.


The resulting file can be reviewed in most common spreadsheet applications.
 




Legacy ID



2006020614513354


Article URL http://www.symantec.com/docs/TECH84204


Terms of use for this information are found in Legal Notices