Enabling Verbose logging in Symantec Protection Engine

Article:TECH215445  |  Created: 2014-02-28  |  Updated: 2014-02-28  |  Article URL http://www.symantec.com/docs/TECH215445
Article Type
Technical Solution



There is a need to enable the Symantec Scan Engine (SSE) / Symantec Protection Engine (SPE) in debug / verbose mode and submit the logs to Symantec Technical Support.


Symantec Protection Engine 7.x

Symantec Scan Engine 5.2.x


Perform the following steps
1. Find out which file the user is trying to access and prepare to access the file
2. In the SPE console go to Monitors - Local logging level and change to Verbose and click the Apply/Save icons to the upper left.
3. Then under Reports - Detailed - press CTRL+A to check mark all options and Apply/Save.
4. Create a folder on your desktop called Symevidence
5. Try to access the problematic file and wait for the error message to appear. This can be done several times to ensure it´s clearly logged.
6. Note down the exact time when this occurred and type it down in a seperate .txt file and put this file in the Symevidence folder
7. Ensure the Date/Time range from is correct
8. Click "Generate Report" and save the report to the Symevidence folder
9. It´s also possible to click on "Export (CSV)" and save the file to the Symevidence folder
10. Compress the Symevidence folder to Symevidence.zip and submit it to Symantec Technical Support.
These 2 reports should include the debug logging necessary from the \program files\symantec\scan engine\log directory and the access failure to the specific file should be visible in the reports. Don´t forget to change the logging level back to Warning to prevent the disk space from filling up.

Article URL http://www.symantec.com/docs/TECH215445

Terms of use for this information are found in Legal Notices