Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

Policy modification data

Created: 27 Jan 2013 • Updated: 14 Feb 2013 | 7 comments
This issue has been solved. See solution.

I have one auditable query. I want the data of policy modifcation. When policy has change what change has been made and from which id.
I required the last 6 month data.
Any idea how to get it.

Discussion Filed Under:

Comments 7 CommentsJump to latest comment

pete_4u2002's picture

you will get to know who made the changes however the changes that have been made is not currently available.

canumahajan's picture

So you mean that this information not store in sep database

Ashish-Sharma's picture

Yes, Currently this details not available in sepm database

Thanks In Advance

Ashish Sharma

Ambesh_444's picture

Agreed with above comments.

Thank& Regards,

Ambesh

"Your satisfaction is very important to us. If you find above information helpful or it has resolved your issue. Please don't forget to mark the thread as solved."

Mithun Sanghavi's picture

Hello,

The Audit log contains information about policy modification activities, such as the event times and types, policy modifications, domains, sites, administrators, and descriptions.

The default Audit quick report is called Policies Used. View the Policies Used report to monitor the policies in use in your network, by group. You can look at the Audit log when you want to see which administrator changed a particular policy and when.

Check this - http://www.symantec.com/docs/HOWTO27244

About the reports you can run

Check these Articles:

About log types

http://www.symantec.com/docs/HOWTO27271

About Computer Status reports and logs

http://www.symantec.com/docs/TECH95541

About the different types of Symantec Endpoint Protection Manager Reports

http://www.symantec.com/docs/TECH95538

For Client updates:

Monitors > Logs >  [Log type] System > [Log content] Client Activity > Advanced Settings > [Event type] Installation events

OR

If you're using AutoUpgrade method to upgrade your clients, you can also try the following:

Monitors > Logs >  [Log type] System > [Log content] Client-Server Activity > Advanced Settings > [Event type] AutoUpgrade download

Reference: https://www-secure.symantec.com/connect/forums/sepm11-audit-logs

Hope that helps!!

Mithun Sanghavi
Senior Consultant
MIM | MCSA | MCTS | STS | SSE | SSE+ | ITIL v3

Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.

SOLUTION
SebastianZ's picture

Have a look here:

About the information in the Audit report and log

http://www.symantec.com/docs/HOWTO27244

...as per KB:

- audit report will give you information about policies being used and policy assignements

- audit log will show you all the policy related activities (policy added. edited etc.) - and what administrator has implemented the changes.