Initiating a full dump
Data consists of all of the recorded events that occurred on the endpoint.
Follow the following steps to perform a
Full Dumpon an endpoint.
The Full Dump may take a couple of hours to complete depending on the size of the data that is collected from the endpoint.
- Log on to the Symantec Endpoint Security console and selectInvestigatemenu.
- Search for relevant events that you want to investigate further.
- From theResultsgrid, clickActionsmenu
- From the Actions menu, selectFull Dump.
- On theInitiate Full dump For (Device name), clickOK.