search cancel

How to query the SEPM embedded database

book

Article ID: 151355

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

How are embedded databases queried for the Symantec Endpoint Protection Manager (SEPM) as well as legacy products Sygate Network Access Control and Symantec Sygate Enterprise Protection?

 

Resolution

The Symantec Endpoint Protection Manager (SEPM) embedded database is based on technology inherited from Sygate which used similar technology in its Sygate Network Access Control and Symantec Sygate Enterprise Protection products. The SEPM embedded database is also known as the Adaptive Server Anywhere database. Tools are provided with the installation of the SEPM (previously known as the Symantec Policy Manager) that allow the user to send SQL query statements to the embedded database tables.

 
To find the Symantec Endpoint Protection Manager database schema, please contact support.
 
 
Querying the Symantec Endpoint Protection Manager embedded database (14.0+)
  1. Navigate to C:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\ASA\win32
  2. Launch dbisqlc.exe
  3. Under Authentication, User ID is: DBA, Password: The original Admin password created when you first installed the SEPM (if the embedded database password has never been changed using the Management Server Configuration Wizard)
  4. Choose the dropdown next to action, change it to Connect with an ODBC Data Source
  5. Select ODBC Data Source Name, then in the drop down, select SymantecEndpointSecurityDSN
  6. Click OK
 
Querying the Symantec Endpoint Protection Manager Database (12.1.2000+)
1.    It is recommended that a backup of the database is created before connecting to the embedded database. This can be done by using the built in procedure, or creating a copy of the following directory:
 
%Symantec Endpoint Protection Manager%\DB\ directory
 
…where %Symantec Endpoint Protection Manager% is the installation directory for the SEPM
  1. Stop the Symantec Endpoint Protection Manager service via the Microsoft Services console.
  2. Stop the Symantec Embedded Database service via the Microsoft Services console.
  3. In Windows Explorer, navigate to the "%Symantec Endpoint Protection Manager%\ASA\win32\" directory if installed on Windows 32bit system. If installed on 64bit system, then navigate to "%Symantec Endpoint Protection Manager%\ASA\win64\" directory
  4. Open the "dbsrv16.exe" (dbsrv16.exe: SEPM 12.1.4000) application
  5. In the Database: field browse to:
 %Symantec Endpoint Protection Manager%\db\sem5.db
  1. Click OK to connect to the database. A dialog will appear that will show status updates for the starting and opening of the Adaptive Server Anywhere database.
  2. Open the “dbisqlc.exe” application in:
Windows 32bit : %Symantec Policy Manager%\ASA\win32\
Windows 64bit : %Symantec Policy Manager%\ASA\win64\
  1. Under the ‘Login’ tab enter the following information:
User ID: dba
Password: (same as the SEPM’s admin password)
  1. In dbisqlc you can enter commands in the text box in the Command pane at the bottom of the window. Click the ‘Execute’ button in the same pane to run the command against the database selected in dbsrv16. Results will appear in the Data pane at the top of the window.

Querying the Symantec Policy Manager Embedded Database
1.    It is recommended that a backup of the database is created before connecting to the embedded database.
a.    This can be done by using the built in procedure, or creating a copy of the %Symantec Policy Manager%\DB\ directory.
2.    Stop the Symantec Policy Manager service via Microsoft Services.
3.    Stop the Embedded Database service via Microsoft Services.
a.    The service name is ‘Adaptive Server Anywhere – sem5’.
4.    In Windows Explorer, navigate to the "%Symantec Policy Manager%\ASA\win32\" directory.
5.    Open the "dbsrv16.exe" application.
6.    Point to the "%Symantec Policy Manager%\db\sem5.db."
7.    Click OK to connect to the database.
8.    Go back to the "%Symantec Policy Manager%\ASA\win32\" directory if windows 32bit or the "%Symantec Policy Manager%\ASA\win64\" directory if windows 64bit and open the "dbisqlc.exe" application.
9.    Go to the Login tab, enter in dba for the User ID. Enter the password which was specified during the installation.
10.Enter SQL commands in the command window.
11.Click Execute to commit the command to the database.
 
Ex:-
query: select * from SEM_COMPUTER
Output to : select * from SEM_COMPUTER; OUTPUT TO "C: SEP5.csv"

References
Sygate Enterprise Protection Documentation

 

 

 

 

Attachments