Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

Inceasing the file size of the traffic log?

Created: 01 Mar 2014 • Updated: 01 Mar 2014 | 4 comments
This issue has been solved. See solution.

The maximun file size of the traffic log in SEP 12.1 is 15360KB. But I need to debug the connection of my server. The maximun file size can only accommodates a log entry for about 20 minutes.

Is it possible to increase the size beyond limit or can I choose to only log blocked connections?

Best regards,

Operating Systems:

Comments 4 CommentsJump to latest comment

.Brian's picture

The size limit is hardcoded so you can't go beyond that. I would suggest only logging the exact rule(s) you need to see by editing this in the fw policy.

Customizing firewall rules

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

Jermin's picture

I forgot to said that I am running an unmanaged client. I seems to me that the tutorial in that article is not for an unmanaged client.

I can only see a "Record this traffic in the Packet log" option in a firewall policy. There aren't any options to record traffics in the traffic log.

.Brian's picture

Ahh sorry should've asked. Unfortunately, when it comes to the unmanaged client, you cannot configure logging of rules. When creating rules, they are all logged by default.

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

Rafeeq's picture

Check this 

How to debug the Symantec Endpoint Protection client

http://www.symantec.com/business/support/index?page=content&id=TECH102412

NOTE: When using the default limit of 256 KB, the log file can rollover in a short period of time. Because of this, you may need to adjust the log size limit to a higher value (i.e., somewhere between 20,000 to 100,000 KB.) To modify the log file size limit, add the following "Log" key and "debug_log_filesize" value:

[HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\Symantec Endpoint Protection\SMC\Log]
debug_log_filesize=dword:00004e20
  

In the above example, the value of "debug_log_filesize" is the maximum amount of space (measured in bytes) that the "debug.log" file can consume. The number is written in hexadecimal (i.e., 00004e20 = 20,000 KB). The Symantec Endpoint Protection user interface allows an upper limit on the log size of 100,000 KB. If necessary, you can force the value higher by setting it here in the registry.

 

SOLUTION