Yes ! I can see the logs on the client-side , but not on the SEPM-side !
So I've opened the case : 03373742
Here's the technician answer :
Issue #2 - TruScan logs not being displayed in a 12.1 SEPM
As you know, SONAR has replaced TruScan in 12.1. It is expected behavior, working as designed, that the TruScan logs are not viewable in 12.1 SEPM. The advice would be to migrate your clients to 12.1 so that they are running SONAR which can be viewed from the SEPM as expected. Another unsupported workaround would be, once again, to run a SQL query to pull this information from the database, as it should still be processed from the information the client has sent to the SEPM
My reaction on that was:
- Disable TruScan policy until every client is upgraded to SEP12 version , becase right now I cannot see Truscan False-positives on SEP11 clients.
- Submit idea to Symantec for including this feature on the next product releases, since SEPM12 supports SEP11 clients, it must support also the log handling.
https://www-secure.symantec.com/connect/ideas/sepm-121-support-displaying-truscan-logs
If you agreed, please vote !