Endpoint Protection

 View Only

  • 1.  Clearing Symantec Endpoint Protection log files

    Posted Dec 23, 2009 10:43 AM
    I would like to safely clear old content from the Symantec Endpoint Protection log files; some of them are growing quite large and I am running into disk space issues.
    The files/paths are listed below:

    Windows\temp\SEP_INST.LOG
    Program Files\Symantec\Symantec Endpoint Protection Manager\db\sem5.log
    Program Files\Symantec\Symantec Endpoint Protection Manager\tomcat\logs\SesmLu.log
    Program Files\Symantec\Symantec Endpoint Protection Manager\tomcat\logs\SesmLu-1.log
    Program Files\Symantec\Symantec Endpoint Protection Manager\tomcat\logs\SesmLu-2.log

    In particular, the last two are close to 1 gig each.  

    Is there a way to automatically archive log data and schedule cleanup?

    Thanks
    ITeagle


  • 2.  RE: Clearing Symantec Endpoint Protection log files

    Posted Dec 23, 2009 11:36 AM
    I'm not sure whether there is something in the console that does this, but it would pretty easy to setup as a scheduled job inside of windows on the server.  Just create a batch file that archive's your logs and then deletes them. That way you have the logs since the last time the job runs.
    The batch file would look something like this:


    del c:\Windows\temp\SEP_INST.LOG.back
    del c:\Program Files\Symantec\Symantec Endpoint Protection Manager\db\sem5.log.back
    del c:\Program Files\Symantec\Symantec Endpoint Protection Manager\tomcat\logs\SesmLu.log.back
    del c:\Program Files\Symantec\Symantec Endpoint Protection Manager\tomcat\logs\SesmLu-1.log.back
    del c:\Program Files\Symantec\Symantec Endpoint Protection Manager\tomcat\logs\SesmLu-2.log.back

    ren c:\Windows\temp\SEP_INST.LOG c:\Windows\temp\SEP_INST.LOG.Back
    ren c:\Program Files\Symantec\Symantec Endpoint Protection Manager\db\sem5.log c:\Program Files\Symantec\Symantec Endpoint Protection Manager\db\sem5.log.back
    ren c:\Program Files\Symantec\Symantec Endpoint Protection Manager\tomcat\logs\SesmLu.log c:\Program Files\Symantec\Symantec Endpoint Protection Manager\tomcat\logs\SesmLu.log.back
    ren c:\Program Files\Symantec\Symantec Endpoint Protection Manager\tomcat\logs\SesmLu-1.log c:\Program Files\Symantec\Symantec Endpoint Protection Manager\tomcat\logs\SesmLu-1.log.back
    ren c:\Program Files\Symantec\Symantec Endpoint Protection Manager\tomcat\logs\SesmLu-2.log c:\Program Files\Symantec\Symantec Endpoint Protection Manager\tomcat\logs\SesmLu-2.log.back



  • 3.  RE: Clearing Symantec Endpoint Protection log files
    Best Answer

    Posted Dec 24, 2009 03:45 AM
    Login to SEPM
    Go to Admin ------> Local site ----->edit site properties
    Here you will get four tabs Among that change some values in Log Setting and database tabs and see any progress is present..... 


  • 4.  RE: Clearing Symantec Endpoint Protection log files

    Posted Dec 24, 2009 07:58 AM
    If you want to clean all the logs from SEPM, then set all the values to 0. After than let the SEPM run for about 5 mins and then set all values back to the default.

    That should clean all the files from SEPM. Also, please make sure that you have not enabled debug logging for SEPM, as it can enable ver detailed and space consuming logs.

    Aniket


  • 5.  RE: Clearing Symantec Endpoint Protection log files

    Posted Dec 28, 2009 11:58 AM
    Thanks for the help.   All three suggestions were helpful; They helped to shed a little light on the Symantec Endpoint log files.

    ITeagle


  • 6.  RE: Clearing Symantec Endpoint Protection log files

    Posted Dec 28, 2009 12:33 PM
    Screenbelt:  Thanks for taking the time to type out the commands for the batch file.

    ITeagle