Symantec Endpoint Encryption Server Side Logging.


Article ID: 156212


Updated On:


Endpoint Encryption


You want to trace what is being sent by the clients to the server.


The trace for the web service is disabled by default.  If this is enabled for debugging it must be disabled after debugging is complete in production deployment.

This should only be enabled for testing and troubleshooting  purposes only.
Log Level
A registry key  "HKEY_LOCAL_MACHINE\\Software\\GuardianEdge\\Trace\\TraceSinks\\FileSink\\GuardianEdge.GECommunicationWS",
and DWORD value named LogLevel have to be created to enable trace for the web service.

The following are  possible values and their meaning when a client request is processed:
LogLevel =  0 - Trace is disabled.
LogLevel =  1  - Trace is enabled, only error message is logged i.e. a successful request does not produce a log entry.
LogLevel =  2  - Trace is enabled,  error and/or success messages are logged out.
The trace is disabled if registry key or LogLevel  does not exist

Setting LogLevel to a value of 2 is what we want to do.  Keep in mind this will generate a lot of log data. When we do this we want to force communication from the test client we are trying to get logging from. Once this has been done a couple of times. We will then want to reset the LogLevel to 0(zero).


Log data will be stored in c:\Guardian Edge\Management Server\GECommunicationWS Logs