About Logs - Symantec 20032623 - Endpoint Protection Small Business Edition Implementation Manual

Implementation guide

About logs

Logs contain records about client configuration changes, security-related activities,
and errors. These records are called events. The logs display these events with
any relevant additional information. Security-related activities include information
about virus detections, computer status, and the traffic that enters or exits the
client computer.

Logs are an important method for tracking each client computer's activity and
its interaction with other computers and networks. You can use this data to analyze
the overall security status of the network and modify the protection on the client
computers. You can track the trends that relate to viruses, security risks, and
attacks. If several people use the same computer, you might be able to identify
who introduces risks, and help that person to use better precautions.

You can view the log data on the Logs tab of the Monitors page.

The management server regularly uploads the information in the logs from the
clients to the management server. You can view this information in the logs or in
reports. Because reports are static and do not include as much detail as the logs,
you might prefer to monitor the network primarily by using logs.

You can view information about the created notifications on the Notifications
tab and information about the status of commands on the Command Status tab.

You can also run commands from some logs.

See "Running commands on the client computer from the logs" on page 280.

Table 19-3 describes the different types of content that you can view and the
actions that you can take from each log.

Table 19-3 Log types

Log type: Application and Device Control

Contents and actions:
Application and device control is not supported on Symantec Endpoint Protection
Small Business Edition, but the Application Control log contains information about
Tamper Protection events. Although you can also select the Device Control log to
view, it is always empty.
Available information includes the time the event occurred, the action taken, the
domain and computer that were involved, the user that was involved, the severity,
the rule that was involved, the caller process, and the target.
You can create a Tamper Protection exception from the Application Control log.
