In SEPM, How to increase syslog information logged?
Created: 25 Dec 2012 | Updated: 25 Dec 2012 | 3 comments
Hi all,
I am using the External Logging feature to export most of my SEPM logs to logs file.
Unfortunately, some of the most important information doesn't appear in the log files, although it is accessible via the GUI.
For example:
1. the unique ID is missing in every log
2. I audit "writing to USB devices", and the serial number and file size are not logged via syslog (although they appear in the sepm db).
My question is - can I change that? can I set a more verbose syslog logging?
Thanks,
Marion.
Discussion Filed Under:
Comments 3 Comments • Jump to latest comment
Hi,
Check this thread may be help.
https://www-secure.symantec.com/connect/forums/how-make-sure-sepm-log-saved-least-12-months
Thanks In Advance
Ashish Sharma
SEPM Knowledgebase Documents
Thanks Ashish, but unfortunately the thread treats a bit different subject.
Is there any way to increase the auditing level to syslog (server or dump file) ?
hi,
Try to increase severity levels...
What sepm version are you using ?
Exporting data to a Syslog server
Symantec Endpoint Protection Manager logs all messages to syslog server with Informational severity
Thanks In Advance
Ashish Sharma
SEPM Knowledgebase Documents
Would you like to reply?
Login or Register to post your comment.