Endpoint Protection

 View Only

  • 1.  SEPM Export log data to a dump file and SYSLOG Feature

    Posted Jun 09, 2009 05:01 PM
    We are currently using the "Exporting log data to a text file" feature (pg 205 of the Administration Guide for Symantec™ Endpoint Protection and Symantec Network Access Control) to export logs to the "drive:\Program Files\Symantec\Symantec Endpoint Protection Manager\data\dump folder. The logs filter is set to export Risks only.

    When we compare the Console risk logs to the text file (dump), we are noticing a discrepancy .Some Virus and Security risk events are missing in the text file. The SEPM's are version MR4 MP2.

    Has anyone who also use this feature notice that some events are not exported to the text file? We have tried the export to SYSLOG feature (pg 207) and it seems to have the same events missing in the text file.



  • 2.  RE: SEPM Export log data to a dump file and SYSLOG Feature

    Posted Jun 10, 2009 10:13 AM
    Are you using the default options or have you modified it?
    Try changing the frequency to 1 hour.
    Have you checked the box"Limit dump file records" ?

     


  • 3.  RE: SEPM Export log data to a dump file and SYSLOG Feature

    Posted Jun 10, 2009 01:52 PM
    We have tried all possible frequencies and have tested with limiting and not limiting the dump file records.