Initiating a full dump

Data consists of all of the recorded events that occurred on the endpoint.
Follow the following steps to perform a
Full Dump
on an endpoint.
The Full Dump may take a couple of hours to complete depending on the size of the data that is collected from the endpoint.
  1. Log on to the Symantec Endpoint Security console and select
    Investigate
    menu.
  2. Search for relevant events that you want to investigate further.
  3. From the
    Results
    grid, click
    Actions
    menu
  4. From the Actions menu, select
    Full Dump
    .
  5. On the
    Initiate Full dump For (Device name)
    , click
    OK
    .