Endpoint Protection

 View Only
Back to discussions
Expand all | Collapse all

SEP client Definitions updates

  • 1.  SEP client Definitions updates

    Posted Feb 05, 2013 11:47 PM

    When the SEP client updates the definitions over the internet, I dont see any logs updated in the system log under Client Management view logs "system log"



  • 2.  RE: SEP client Definitions updates

    Posted Feb 05, 2013 11:54 PM

    HI,

    Sep client are update or not ?

    Did you check under View Logs ->Virus and Spyware Protection -> System Logs



  • 3.  RE: SEP client Definitions updates

    Posted Feb 06, 2013 12:03 AM

    Thanks Shish,

    I'm new to SEPM infrastructure support

    Yes, SEP client updated and its made entry in View Logs ->Virus and Spyware Protection -> System Logs and in other place i've looking after log/log.liveupdate file to see the entry, but this file follows GMT 24hrs format, which is confusing me to compare with current system time as System log uses.

     



  • 4.  RE: SEP client Definitions updates

    Broadcom Employee
    Posted Feb 06, 2013 12:13 AM
    yes the time is set to GMT, you can verify by using keywords for success or failure of the LU.


  • 5.  RE: SEP client Definitions updates

    Posted Feb 06, 2013 12:15 AM

    Why Symantec not following one system.log entry to see the update overview on SEP client updates.

    any idea on how often symantec will release the definitions update? any place to subscribe the alert for the new release of definitions and other updates?

    Thanks,

    Saravanan



  • 6.  RE: SEP client Definitions updates

    Broadcom Employee
    Posted Feb 06, 2013 12:19 AM
    symantec releases 3 AV definition per day.


  • 7.  RE: SEP client Definitions updates

    Posted Feb 06, 2013 12:26 AM

    HI,

    Symantec released 3 Anti virus defination in every 8 hours.

    you can verify

    http://www.symantec.com/security_response/definitions.jsp

     

    Virus Definition Update FAQ

     

    Article:TECH103326 | Created: 2007-01-13 | Updated: 2010-01-29 | Article URL http://www.symantec.com/docs/TECH103326

     



  • 8.  RE: SEP client Definitions updates

    Posted Feb 06, 2013 12:37 AM

     

    Ther is not any alert/notificiation for release of virus defintion.

    You can only get the information from your SEPM Manager home page

    Or from the below site

    http://www.symantec.com/security_response/definitions/download/detail.jsp?gid=savce



  • 9.  RE: SEP client Definitions updates

    Posted Feb 06, 2013 01:34 AM

    You can check the event viewer for updates.

     

    Symantec Endpoint Protection 11.x event log entries

     

    http://www.symantec.com/business/support/index?page=content&id=TECH105571&locale=en_US

    Event ID 16

     



  • 10.  RE: SEP client Definitions updates

    Posted Feb 06, 2013 02:43 AM

    Alternatively you can check directly in the log file for liveupdate events - this is for SEP 11.x if you are using liveupdate internet servers as download source: http://www.symantec.com/docs/TECH92881

    For 12.1 the log would be lue.log:

    https://www-secure.symantec.com/connect/articles/about-liveupdate-symantec-endpoint-protection-version-121



  • 11.  RE: SEP client Definitions updates

    Posted Feb 06, 2013 03:40 AM

    Hi,

    It's not available under system log. It really not necessary if info is available on GUI.In the SEP client GUI itself you can check whether client is updated or not. However to troubleshoot the issue if definitions are not updating then logs would required.

    You should refer the articles shared by SebastianZ.

    In the registry also there would be an entry for client definitions update.