Exporting log data to a text file

When you export data from the logs to a text file, by default the files are placed in a folder. By default, that folder path is C:\Program Files (x86)\Symantec\
Symantec Endpoint Protection Manager
\data\dump. Entries are placed in a .tmp file until the records are transferred to the text file.
For the 32-bit systems that run 12.1.x, it is C:\Program Files (x86)\Symantec\
Symantec Endpoint Protection Manager
\data\dump.
You cannot restore the database by using exported log data.
Log text file names for
Symantec Endpoint Protection
shows the correspondence of the types of log data to the names of the exported log data files. The log names do not correspond one-to-one to the log names that are used on the
Logs
tab of the
Monitors
page.
Log text file names for
Symantec Endpoint Protection
Log Data
Text File Name
Server Administration
scm_admin.log
Application and Device Control
agt_behavior.log
Server Client
scm_agent_act.log
Server Policy
scm_policy.log
Server System
scm_system.log
Client Packet
agt_packet.log
Client Proactive Threat
agt_proactive.log
Client Risk
agt_risk.log
Client Scan
agt_scan.log
Client Security
agt_security.log
Client System
agt_system.log
Client Traffic
agt_traffic.log
When you export to a text file, the number of exported records can differ from the number that you set in the
External Logging
dialog box. This situation arises when you restart the management server. After you restart the management server, the log entry count resets to zero, but there may already be entries in the temporary log files. In this situation, the first *.log file of each type that is generated after the restart contains more entries than the specified value. Any log files that are subsequently exported contain the correct number of entries.
  1. To export log data to a text file
  2. In the console, click
    Admin
    .
  3. Click
    Servers
    .
  4. Click the local site or remote site that you want to configure external logging for.
  5. Click
    Configure External Logging
    .
  6. On the
    General
    tab, select how often you want the log data to be sent to the file.
  7. In the
    Master Logging Server
    list box, select the server that you want to send logs to.
    If you use Microsoft SQL with more than one management server connecting to the database, only one server needs to be a Master Logging Server.
  8. Check
    Export Logs to a Dump File
    .
  9. If necessary, check
    Limit Dump File Records
    and type in the number of entries that you want to send at a time to the text file.
  10. On the
    Log Filter
    tab, select all of the logs that you want to send to text files.
    If a log type that you select lets you select the severity level, you must check the severity levels that you want to export.
  11. Click
    OK
    .