Currently client computers that boot in UEFI mode do not log unsuccessful logon attempts at the preboot authentication screen. Administrators can use the Client Event Log report to view the number of unsuccessful preboot authentication attempts only for client computers that boot in BIOS mode.

A Feature Request has been submitted to add logging functionality for failed logon attempts with UEFI machines as well.

Symantec Corporation is committed to product quality and satisfied customers. Technical Support filed a Feature Request to add the functionality listed above. This Feature Request is currently being considered by Symantec Corporation to be addressed in a forthcoming version of the product.  

There is no guaranteed date for this request from the Encryption Product Management team, or the Encryption Engineering team at this time. Please be sure to refer back to this article periodically as any changes to the status of the request will be reflected here. You can also subscribe to this article to receive notification when it is updated. 

To have your organization added to the list of companies that desire this Feature Request, please contact technical support.