Endpoint Protection Manager Log Collecting Tool

book

Article ID: 151619

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

How to use the Symantec Endpoint Protection Manager (SEPM) Log Collecting Tool

 

Resolution

Introduction

The Symantec Endpoint Protection Manager Log Collection Tool is used to collect all or subsets of the Symantec Endpoint Protection Manager logs.

The logs are collected and compressed to a zip file called SEPM_logs.zip.

The log collection tool has only one file called collectLog.cmd. By default, it is installed in the \Program Files(x86)\Symantec\Symantec Endpoint Protection Manager\Tools directory.

The tool can collect all or one of the following Symantec Endpoint Protection Manager logs:

  • Server logs
  • Secars logs
  • Console logs
  • Config wizard logs
  • Liveupdate logs
  • Installshield logs

How to Use

Simply running SymDiag v2.1.112 or higher will automatically run the SEPM Log Collection Tool.  The tool can also be run on its own.  User can use either of the following two approaches to run this tool on its own.
 

  1. Collect all Symantec Endpoint Protection Manager logs
      1. Navigate to \Program Files(x86)\Symantec\Symantec Endpoint Protection Manager\Tools directory.
      2. Double click the collectLog.cmd file and it will collect all Symantec Endpoint Protection Manager's logs and compress them into a file named SEPM_logs.zip in the Tools folder.

         
  2. Collect all or subsets of Symantec Endpoint Protection Manager logs
    1. Open a command window.
    2. Change directory to \Program Files(x86)\Symantec\Symantec Endpoint Protection Manager\Tools
    3. To collect all Symantec Endpoint Protection Manager logs, type the following command:

      collectLog.cmd
       
    4. To collect a specific subset of Symantec Endpoint Protection Manager logs., type the following command:

      collectLog.cmd <parameter>


      Where <parameter> is the desired parameter.
      The following are the available parameters:
      • SEPM all logs (This is the same as without parameter)
      • SEPM server logs
      • SEPM secars logs
      • SEPM console logs
      • SEPM config wizard logs
      • SEPM liveupdate logs
      • SEPM installshield logs

    • When the command has completed the log collection, the logs are compressed into a file named SEPM_logs.zip in the Tools folder



References
Please note that, as stated in the Collecting Logs document (\Program Files(x86)\Symantec\Symantec Endpoint Protection Manager\Tools\collect_log.pdf), this tool collects only the server logs. The Symantec Endpoint Protection client logs are not collected.


In certain cases, Symantec Technical Support may request that the SEPM be configured to generate debug logs.  Troubleshooting other issues require the output of a more comprehensive tool such as the Symantec Diagnostics (SymDiag) tool. Please see the Related Articles for further information.