Message Image

Skip main navigation (Press Enter).

Endpoint Protection

View Only

Back to discussions

Expand all | Collapse all

Email application control logs

Jump to Best Answer

Migration UserJun 19, 2012 04:35 PM

Hey, I have just added a new rule for Log files written to USB drives , it is working fine , but in ...

Mithun SanghaviJun 21, 2012 04:18 AMBest Answer

Hello, You could create a Application and Device Control Report (Scheduled) which could be emailed. ...

1. Email application control logs

0 Recommend
Migration User
Posted Jun 19, 2012 04:35 PM

Reply Reply Privately
Hey,

I have just added a new rule for Log files written to USB drives , it is working fine , but in order to check the logs I have to go into SEPM manually to Monitor\Logs\Application and device control\view log. Is there anyway to email of report of these logs?? I cannot seem to find a way, but i just do not understand how this is possible. Or even a way to export the logs on a schedule?

Any help will be much appreciated. We are running SEP 12.1

thanks,
2. RE: Email application control logs
Best Answer

0 Recommend
Trusted Advisor

Mithun Sanghavi
Posted Jun 21, 2012 04:18 AM

Reply Reply Privately
Hello,

You could create a Application and Device Control Report (Scheduled) which could be emailed.

Application and Device Control Reports displays information about events where some type of behavior was blocked. These reports include information about application security alerts, blocked targets, and blocked devices. Blocked targets can be registry keys, dlls, files, and processes.

Reference:

About the different types of Symantec Endpoint Protection Manager Reports

http://www.symantec.com/business/support/index?page=content&id=TECH95538

Saving and deleting filters

http://www.symantec.com/docs/HOWTO27267

Note: The Above Articles were originally created for SEP 11.x, however the same steps work for SEP 12.1.

Hope that helps!!

Copyright 2019. All rights reserved.

Powered by Higher Logic