Hello,
Yes, you can manage client logs retention for a specific group changed.
Below are the steps:
1.) Login to the SEPM console.
2.) Click on ''Clients'' page of the console, and then select the client group where the log retention settings are to be changed
3.) With the client group selected, click on the Policies tab for this group, then access the Client Log Settings.
4.) Configure client log retention settings as needed, clicking OK to commit changes when finished.
These changes will apply to the client group selected, as well as any sub-groups which are inheriting from this group.
Refer: https://support.symantec.com/en_US/article.TECH188992.html
Secondly for you could Increase the Log size which are maintained in the Database by
SEPM console >> Admin >> Servers >> Local Server and Click on Edit Site Properties >> Log settings
Also, check this Article on How to manage SEP client log retention settings in SEP 12.1
http://www.symantec.com/docs/TECH188992
You could also create an External Logging and Export log data to a Syslog server
Admin-> Servers-> Local Site -> Configure External Logging
Check this Threads:
https://www-secure.symantec.com/connect/forums/how-configure-external-logging-ssim-symantec-endpoint-protection
https://www-secure.symantec.com/connect/forums/external-logging-syslog-server
Hope that helps!!