Endpoint Protection

On my SEPM, I have it configured to send logs to syslog server. BeEfore I did that though I had turned on 'Export logs to dump file.' NO my traffic log is 12 gig! Can i safely delete and or move these dump files?

Thank you!

Check this thread

https://www-secure.symantec.com/connect/forums/traffic-folder-sepm

https://www-secure.symantec.com/connect/forums/sep-121-space-issues

You should be able to move/delete it but you may need to stop the SEPM service first. If you delete, you willl lose that data obviously.

Thank you for the replies. The files in question are not .dat files but .log files created by enabling 'Export logs to dump file.' in file path C:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\data\dump

Frustrating I cannot find a Symantec techdoc that addresses this.

I believe this is just a repository for those files and can be deleted. Obviously, you lose the data if you delete. Better to move them off somewhere else if you can.

I couldn't find much on it either though in the public KB.

Hello,

Thanks for calling Symantec. (Case # 05593826) 

I would suggest you to first disable the logging of Syslog from SEPM, then delete the logs OR take a backup (just in case) before deletion.

You can also try editing the firewall policies to disable logging for any rules where this is no longer needed.

OR

Secondly you can try the following steps -  In SEPM >> Admin >> Servers >> localhost >> Edit Database Properties >> Log Settings

Change the 50,000 entries change that to 10,000 or 5000

The traffic Logs would be set for 60 days change that to 10 days

Then it should bring down the size.

Regards,