Hello,
The Audit log contains information about policy modification activities, such as the event times and types, policy modifications, domains, sites, administrators, and descriptions.
The default Audit quick report is called Policies Used. View the Policies Used report to monitor the policies in use in your network, by group. You can look at the Audit log when you want to see which administrator changed a particular policy and when.
Check this - http://www.symantec.com/docs/HOWTO27244
About the reports you can run
Check these Articles:
About log types
http://www.symantec.com/docs/HOWTO27271
About Computer Status reports and logs
http://www.symantec.com/docs/TECH95541
About the different types of Symantec Endpoint Protection Manager Reports
http://www.symantec.com/docs/TECH95538
For Client updates:
Monitors > Logs > [Log type] System > [Log content] Client Activity > Advanced Settings > [Event type] Installation events
OR
If you're using AutoUpgrade method to upgrade your clients, you can also try the following:
Monitors > Logs > [Log type] System > [Log content] Client-Server Activity > Advanced Settings > [Event type] AutoUpgrade download
Reference: https://www-secure.symantec.com/connect/forums/sepm11-audit-logs
Hope that helps!!