Endpoint Protection

 View Only

  • 1.  Reports and logs

    Posted Nov 04, 2013 11:46 AM

    Hi Symantec technical team,

    How can I find compliance reports and logs from Sepm server. Please help if you guys can.



  • 2.  RE: Reports and logs
    Best Answer

    Posted Nov 04, 2013 11:47 AM

    Hello,

    Please check Ambesh_444 post in below thread.

     

    https://www-secure.symantec.com/connect/forums/compliance-report-and-logs



  • 3.  RE: Reports and logs

    Posted Nov 04, 2013 11:48 AM

    ComplianceDisplays information about the compliance status of your network. These reports include information about Enforcer servers, Enforcer clients, Enforcer traffic, and host compliance.

    http://www.symantec.com/docs/TECH95538

    About Compliance reports and logs

    http://www.symantec.com/docs/TECH95540



  • 4.  RE: Reports and logs

    Posted Nov 04, 2013 11:50 AM

    These are the reports

    About the different types of Symantec Endpoint Protection Manager Reports

     

    http://www.symantec.com/business/support/index?page=content&id=TECH95538



  • 5.  RE: Reports and logs



  • 6.  RE: Reports and logs

    Trusted Advisor
    Posted Nov 04, 2013 12:52 PM

    Hello,

    You can collect the Compliance Logs.

    (SEPM > MONITORS > LOGS > Change the Logs type to "Compliance" > Advance Settings)

    The compliance logs contain information about the Enforcer server, Enforcer clients, and Enforcer traffic, and about host compliance.

    The following compliance logs are available if you have Symantec Network Access Control installed:

    • Enforcer Server

      This log tracks communication between Enforcers and their management server. Information that is logged includes Enforcer name, when it connects to the management server, the event type, site, and server name.

    • Enforcer Client

      Provides the information on all Enforcer client connections, including peer-to-peer authentication information. Available information includes time, each Enforcer's name, type, site, remote host, and remote MAC address, and whether or not the client was passed, rejected, or authenticated.

    • Enforcer Traffic (Gateway Enforcer only)

      Provides some information about the traffic that moves through an Enforcer appliance. Available information includes the time, the Enforcer name, the Enforcer type, and site. The information also includes the local port that was used, the direction, action, and a count. You can filter on the connection attempts that were allowed or blocked.

    • Host Compliance

      This log tracks the details of Host Integrity checks of clients. Available information includes the time, event type, domain/group, computer, user, operating system, description, and location.

     

    Reference:

    1) About log types

    http://www.symantec.com/docs/HOWTO27271

    2) About the different types of Symantec Endpoint Protection Manager Reports

    http://www.symantec.com/docs/TECH95538

    3) About Computer Status reports and logs

    http://www.symantec.com/docs/TECH95541

    4) Saving and deleting filters

    http://www.symantec.com/docs/HOWTO27267

    To be more Proactive with Reports and Logs, check these Articles:

    Metrics using data from SEPM

    https://www-secure.symantec.com/connect/articles/metrics-using-data-sepm

    Metrics using data from SEPM (Part2)

    https://www-secure.symantec.com/connect/articles/metrics-using-data-sepm-part2

    Metrics using data from SEPM (part three)

    https://www-secure.symantec.com/connect/articles/metrics-using-data-sepm-part-three

    Hope that helps!!



  • 7.  RE: Reports and logs

    Posted Nov 05, 2013 02:00 AM

    Hi

    Please refer the link below

    http://www.symantec.com/business/support/index?page=content&id=TECH95538&actp=search&viewlocale=en_US&searchid=1383633872961

    Regards