Endpoint Protection

Hi,

Is it possible to see the Clients Security logs in the SEPM console?

When I go to View logs > Security logs in the Client Management I can see them but I would like to see this information in the SEPM...it would be much easier to manage rather than go to every client to see the info.

Thanks,
Simon

These are the various reports  you can view from the SEPM.

About the different types of Symantec Endpoint Protection Manager Reports


http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2009081409151448

Thanks Sandip,

So thats a No then...?

You can definetly put in your idea for this feature in the ideas section so that it can be considered in the subsequent builds.

You actually can see those information in the manager also, Otherwise it shouldn;t be called a "Manager" .. :P ...

* Monitors -> Logs will give you detailed information about aany client computer.
* For threat activity, you can pull a 'Risk log' ..

Click on advanced to choose your desired field... :) ...

Thanks Visu, but the Security logs dont show on the SEPM...or at least I can't see them!

You cant see the same information in the SEPM as you can in the client.

Well, actually each and every activity of a "managed" client is logged and is sent to the SEPM for auditing purposes... But sadly, it has been split into various logs and reports in the SEPM... Please be patient to go through each of the log types to check if thats what you are looking for... :) ...

Again, If its not annoying anyone out here, I am suggesting Simon to check under 'Client activity' logs... :) ...

 First you edit your antivirus and antispyware policy which is applied to the group which the client resides.Go to Miscellaneous ---->log handling and ensure that all required logs are selected .
Then come to Clients---> <the req. group>---->policies---->client log settings and ensure that  security log is selected.

Then come to monitors--->logs --->Network threat protection--->attacks view log .(I am predicting you are telling about the Intrusion Prevention  logs, if other than that tell us exactly which type of information you req. As Visu told in manager reports are splited to many .So for more accurate info. pls t;ll us which type of entry you are referring to..) 

It looks like the "detailed" security event logs that you see when you go to the local client are not visible from SEPM, but it was available in the SAV console.

Symantec has a how to guide comparing the two versions, and you can see that SEPM doesn't not have anywhere near the same level of detail for the client logs as was shown in the old SAV console. 

http://www.symantec.com/business/support/endpointsecurity/ssc_sep/view_logs.html

  I don't know how they could think this is comparable since it no longer provides a way to show events line by line.  You now have to log into the client locally to see this.

If you have enabled SNAC then you can have Client security logs on SEPM. Otherwise it is not posible.

Log in SEPM --> Go to Monitors --> Logs --> Compliance Logs

Select log Content --> Host Compliance & export the logs

Client security logs are seen on Console.


Regards...
Ramji Iyyer

why sepm erroe massage . when i log on manager error massage display server not comunicate with reporting compont

I'd suggest you to open a new thread for your issue. We'll be glad to discuss over there.

pls create a separate thread for your problem..