When advised to gather debug logs by a Symantec Support technician you can configure the Symantec Diagnostic Tool (SymDiag) to enable and disable debug logging for some supported Symantec products as part of the data gathering scan. The supported Symantec products for this feature are as follows:
Endpoint Protection Client
Mail Security for Microsoft Exchange
For instructions on how to use SymDiag to gather data from a system:
When gathering data for a Symantec support case with SymDiag you will encounter the following scan options dialog:
If one of the Symantec products you selected supports SymDiag debug logging, the checkbox option to enable product debug logging for that product will appear. Support will either instruct you to check the relevant product in the Debug Logging section of this dialog or they will also advise you to click on the 'Advanced…' button in order to configure a non-default debug logging configuration.
If you click on the ‘Advanced…’ button you will be presented with an additional dialog that will contain one or two tabs. Each tab represents a supported Symantec product for which SymDiag has debug logging capabilities.
For instructions on how to use the Advanced debug logging dialog:
If you enable some type of debug logging you will see additional dialogs indicating the need for acknowledgement and/or the status of various debug logging configuration changes being made on the system.
Once debug logging has been successfully enabled, SymDiag will provide a dialog indicating that it is waiting in order to allow time for the issue to be reproduced on the system. Once sufficient time has passed or once the issue has been reproduced, then the user should click ‘Continue scan’. Debug logging will then be disabled by SymDiag and the debug logs and other data will be automatically collected once the data collection process commences.
There is an alternate UI mode that can be used to collect the same type of debug logs. For more information: