Hello,
You could create a Application and Device Control Report (Scheduled) which could be emailed.
Application and Device Control Reports displays information about events where some type of behavior was blocked. These reports include information about application security alerts, blocked targets, and blocked devices. Blocked targets can be registry keys, dlls, files, and processes.
Reference:
About the different types of Symantec Endpoint Protection Manager Reports
http://www.symantec.com/business/support/index?page=content&id=TECH95538
Saving and deleting filters
http://www.symantec.com/docs/HOWTO27267
Note: The Above Articles were originally created for SEP 11.x, however the same steps work for SEP 12.1.
Hope that helps!!