When there is an issue on the Symantec Encryption Management Server (SEMS) and the regular logs are not helpful, you may need to turn on debug logging.

It is recommended to do so for a short period of time only while reproducing the problem as the debug logging will fill up the hard drive quickly.

180838 - Enabling Debug logging in PGP Encryption Desktop (Symantec Encryption Desktop) for Windows
161042 - Enabling Debug Logging in Symantec Endpoint Encryption (SEE)
155615 - Enabling Debug Logging on the PGP Encryption Server (Symantec Encryption Management Server)

In the event that Debug logging may be needed, please contact Symantec Enterprise Division Support.

Accessing the server command line for read-only purposes (such as to view settings, services, logs, processes, disk space, query the database, etc) is supported. However, performing configuration modifications or customizations via the command line may void your Symantec Support agreement unless the following procedures are followed.

If SSH (Putty) access has not been configured, please follow the instructions in this KB article:
Access Symantec Encryption Management Server via SSH Using PuTTY

180838 - Enabling Debug logging in PGP Encryption Desktop (Symantec Encryption Desktop) for Windows
161042 - Enabling Debug Logging in Symantec Endpoint Encryption (SEE)
155615 - Enabling Debug Logging on the PGP Encryption Server (Symantec Encryption Management Server)