Video Screencast Help

How can i collect users day to day logs

Created: 01 Mar 2013 • Updated: 05 Mar 2013 | 6 comments
This issue has been solved. See solution.

Hi,

 

How can i collect logs of users of day-to-day works from symantec endpoint protection. I have Symantec Endpoint Portection 12.1.2. Please reply its very urgent.

Operating Systems:

Comments 6 CommentsJump to latest comment

Rafeeq's picture

what kind of logs you want to collect?

these are the logs available 

 

Interpreting the log files for Symantec AntiVirus Corporate Edition and Symantec Endpoint Protection

http://www.symantec.com/business/support/index?page=content&id=TECH100099
 
if you want to chekc what sofwares are installed on clinet you need to enable learned application
 
How to set up learned applications in the Symantec Endpoint Protection Manager
 
http://www.symantec.com/business/support/index?page=content&id=TECH102994
SOLUTION
SebastianZ's picture

What kind of logs/reports you need? You can create a customized reports for all clients from the SEPM console.

About client logs configurations:

http://www.symantec.com/docs/TECH153987

 

Abotu managing SEP clients on the network:

http://www.symantec.com/docs/HOWTO55302

sandeep@chipsbytes.co.in's picture

Hi, 

Thanks replying, I want logs such as Users website surfing, Emails, Chatting on Facebook or other soical Networking site etc. I want to Monitor users. Please help me. 

SebastianZ's picture

This is not possible with SEP - only option here is to monitor and restrict the application executed by users with help of ADC component - have a look here as well:

https://www-secure.symantec.com/connect/forums/how...

https://www-secure.symantec.com/connect/forums/mon...

 

You would need another symantec software to monitor the user activity on the web and this would be

Symantec Web Gateway Features URL filtering with flexible policy controls, and in-depth reporting and alerts.

http://www.symantec.com/business/web-gateway

...have a look here

https://www-secure.symantec.com/connect/forums/any...

Rafeeq's picture

Thats not possible with SEP.

You can only learn what applications are installed on the Client.

Emails/ FB/ all comes under HTTP so you can consider firewall rules to block them. Even then it wont give you the report like Threat management gateway / ISA 

 

Customizing firewall rules

 

http://www.symantec.com/business/support/index?pag...

sandeep@chipsbytes.co.in's picture

Hi,

Thanks for reply again. Ok. I will tired from firewall. Thanks