Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

SEP client Definitions updates

Created: 05 Feb 2013 | 10 comments

When the SEP client updates the definitions over the internet, I dont see any logs updated in the system log under Client Management view logs "system log"

Discussion Filed Under:

Comments 10 CommentsJump to latest comment

Ashish-Sharma's picture

HI,

Sep client are update or not ?

Did you check under View Logs ->Virus and Spyware Protection -> System Logs

Thanks In Advance

Ashish Sharma

SaravananB's picture

Thanks Shish,

I'm new to SEPM infrastructure support

Yes, SEP client updated and its made entry in View Logs ->Virus and Spyware Protection -> System Logs and in other place i've looking after log/log.liveupdate file to see the entry, but this file follows GMT 24hrs format, which is confusing me to compare with current system time as System log uses.

pete_4u2002's picture

yes the time is set to GMT, you can verify by using keywords for success or failure of the LU.

SaravananB's picture

Why Symantec not following one system.log entry to see the update overview on SEP client updates.

any idea on how often symantec will release the definitions update? any place to subscribe the alert for the new release of definitions and other updates?

Thanks,

Saravanan

Ashish-Sharma's picture

HI,

Symantec released 3 Anti virus defination in every 8 hours.

you can verify

http://www.symantec.com/security_response/definitions.jsp

Virus Definition Update FAQ

Article:TECH103326 | Created: 2007-01-13 | Updated: 2010-01-29 | Article URL http://www.symantec.com/docs/TECH103326

Thanks In Advance

Ashish Sharma

Sumit G's picture

Ther is not any alert/notificiation for release of virus defintion.

You can only get the information from your SEPM Manager home page

Or from the below site

http://www.symantec.com/security_response/definiti...

Regards

Sumit G.

Rafeeq's picture

You can check the event viewer for updates.

Symantec Endpoint Protection 11.x event log entries

 

http://www.symantec.com/business/support/index?pag...

Event ID 16

SebastianZ's picture

Alternatively you can check directly in the log file for liveupdate events - this is for SEP 11.x if you are using liveupdate internet servers as download source: http://www.symantec.com/docs/TECH92881

For 12.1 the log would be lue.log:

https://www-secure.symantec.com/connect/articles/a...

JS@support's picture

Hi,

It's not available under system log. It really not necessary if info is available on GUI.In the SEP client GUI itself you can check whether client is updated or not. However to troubleshoot the issue if definitions are not updating then logs would required.

You should refer the articles shared by SebastianZ.

In the registry also there would be an entry for client definitions update.