How to convert Protection Engine 7.0 .LOG files to CSV format

book

Article ID: 157510

calendar_today

Updated On:

Products

Protection Engine for Cloud Services Protection for SharePoint Servers Protection Engine for NAS

Issue/Introduction

This article contains the instructions on how to convert .LOG files into CSV format for Symantec Protection Engine 7.0

Resolution

The following command must be run from within the Symantec Protection Engine's main folder (e.g. C:\Program Files\Symantec\Scan Engine):

java -cp servers.jar;xalan.jar;commons-lang3-3.1.jar com.symantec.reporting.LogFileConverter -c <path to .LOG file> 

Note: in order for the "java" command to run, the Java Runtime Environment binary files location must be added to the PATH environment variable (e.g. %PATH%) 

 

Example:

C:\Program Files (x86)\Symantec\Scan Engine>java -cp servers.jar;xalan.jar;commons-lang3-3.1.jar com.symantec.reporting.LogFileConverter -c LOG\SSE20121213.log

Date/time of event,Event,Event Severity Level,URL,File name,File status,Component name,Component disposition,Scan Rule,Virus name,
Virus ID,Mail Policy Violation,Container Violation,File Attribute Violation,Matching URL,Categories,DDR Score,Scan Duration (sec),
Connect Duration (sec),Product Version,Decomposer Version,Virus definitions,Symantec URL Definitions,DDR Definitions Version,Previ
ous virus definitions,Previous Symantec URL Definitions,Previous DDR Definitions Version,Definitions,Outbreak Events,Outbreak Inte
rval (sec),Error Message,Feature Name,Expiration Date,Scanner,Result ID,Symantec Protection Engine threshold queue size,Symantec P
rotection Engine number of queued items,Client SID,Client Computer,Client IP,Server IP,Subscriber ID,Logging Destination,Symantec
Protection Engine IP address,Symantec Protection Engine Port number,Uptime (in seconds),Filer IP,RPC Request ID,Non Viral Threat N
ame,Non Viral Threat ID,Security Risk Definitions,Statistics String,Start Time,End Time,Configured Scan Requests per second,Scan R
equests per second,Update Method,Security Risk Category,CAIC URL Definitions,Previous CAIC URL Definitions,User Login Name,Console
 IP,Group name,Warning Message,Uber Category,Sub Category ID,Sub Category Name,Sub Category Description,Cumulative Risk Rating,Per
formance impact,Privacy impact,Ease of removal,Stealth
Thu Dec 13 08:11:53 EST 2012,Startup,Information,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,192.168.2.10,1344,65,,,,,,,,,,,,,,,,,,,,,
,,,,,,
Thu Dec 13 08:11:53 EST 2012,Version Information,Information,,,,,,,,,,,,,,,,,7.0.0.46,5.2.0.16,20121209.006,20100817.045,,,,,,,,,,
,,,,,,,,,,,192.168.2.10,1344,65,,,,,,,,,,,,,20121207.033,,,,,,,,,,,,,,