Endpoint Protection

 View Only

  • 1.  Is it possible to pull the logs from SEPM using SEPM_Web Services SDK?

    Posted Aug 21, 2015 06:12 AM

    Hi,

    We have total of 20 SEPMs across globally, it is difficult to loggin in and pulling the logs on daily basis.

    Hence we are trying to find a solution to pull the logs automatically from all the SEPMs.

    We have a query and we have seen the SDKs are available for SEPM Webservices. So is there a option or feasibility to use the SDK and pull the logs from SEPM? Kindly suggest.

    https://support.symantec.com/en_US/article.TECH213103.html

     

     



  • 2.  RE: Is it possible to pull the logs from SEPM using SEPM_Web Services SDK?

    Posted Aug 21, 2015 06:29 AM

    If you're familiar with scripting then yes you could.

    You may also be able to leverage the Symantec Protection Center (SPC)

    http://www.symantec.com/docs/TECH164070



  • 3.  RE: Is it possible to pull the logs from SEPM using SEPM_Web Services SDK?

    Posted Aug 21, 2015 07:55 AM

    know Scripting , but require some understanding like from where the reports can be pulled. 

    I mean the interface. a Clue.

    Under which class , which package that particular interface to fetch logs.


    com.symantec
    com.symantec.sepm
    com.symantec.sepm.webservice
    com.symantec.sepm.webservice.admin
    com.symantec.sepm.webservice.admin.license
    com.symantec.sepm.webservice.client
    com.symantec.sepm.webservice.client.command
    com.symantec.sepm.webservice.common
    com.symantec.sepm.webservice.common.constants
    com.symantec.sepm.webservice.common.exception
    com.symantec.sepm.webservice.common.model
    com.symantec.sepm.webservice.common.security
    com.symantec.sepm.webservice.common.validation
    com.symantec.sepm.webservice.docs
    com.symantec.sepm.webservice.liveupdate
    com.symantec.sepm.webservice.policy

     

    Would be fine with some explanation with examples.

     



  • 4.  RE: Is it possible to pull the logs from SEPM using SEPM_Web Services SDK?

    Posted Aug 21, 2015 10:18 AM

    What kind of logs are you after, and have you already looked at the External Logging (syslog) options in the SEPM?

    http://www.symantec.com/docs/HOWTO81169



  • 5.  RE: Is it possible to pull the logs from SEPM using SEPM_Web Services SDK?

    Posted Aug 22, 2015 03:20 PM

    I would rather recommend in order :)

     

    1. Install IT-Analytics and configure it to pull data from all SEPMs. ITA is a reporting tool for SEP that is really powerfull. It can also centralize data from serveral SEPMs.

    https://www-secure.symantec.com/connect/blogs/symantec-endpoint-protection-pack-altiris-it-analytics-75-symantec-version-1214-documentation

    2. Configure SEPM to send Syslog to Accelops or similar

    2. Custom build something. But use the SQL instead of the WEB API. It is much easier :)

    Symantec Protection Center was EOL years ago btw.

     


    Torb
     



  • 6.  RE: Is it possible to pull the logs from SEPM using SEPM_Web Services SDK?

    Posted Aug 27, 2015 08:08 AM

    Hi SMLAtCST,

    Thanks for your reply, we have tried the options u said already.

    Hi TORB,

    Thanks for the suggestion. we know about the ITA , our requirement is just get logs from all sepm available in our infra.

    So , from a machine i have to run an application which have to connect all sepm and fetch logs. 

    like using sep web console. we do not have centralised DB server , if we have centralized db in place , our process is easy. 

    My problem here is ,that how to achieve using the web_service_sdk for fetching logs from all sepm available in infra.

    seen classes and packages , found client,admin,common within this which class and package is responsible for logs. 

    It will helpful if anyone suggest the class name and package with some defined example.

    thank you guys.