Symantec Endpoint Protection Manager version 12.1.3
I've got an environment with clients at version 12.1.3, as well as an uninstall password set. Is it possible to audit (through SEPM) when an uninstallation is performed/initiated?
This is not possible via the SEPM.
You can submit this as a product suggestion:
How to submit a suggestion for a Symantec security product
Not possible with SEPM as of now.
It is not be possibile from SEPM and if you have set an uninstallation password then there is not be possible to remove the client without password.
Not possible at this point & can be a good suggestion also but practically I doubt how feasible it would be to implement.