When viewing the External Logging dump files generated by Symantec Endpoint Protection Manager (SEPM), you may notice formatting inconsistencies: the header file path and description are missing, application names appear without commas, and header names are incorrect.
This issue is fixed in Symantec Endpoint Protection Manager 14.2 RU2. For information on how to obtain the latest build of Symantec Endpoint Protection, read TECH 103088: Download the latest version of Symantec Endpoint Protection.
The External Logging dump inconsistencies were resolved by the following changes:
1. Added header file path, description.
2. Added escape for Application name.
3. Corrected header names.
Corrections include:
Security, traffic, behavior, scan, risk and SONAR logs:
End is now End Time
User is now User Name
Domain is now Domain Name
Group is now Group Name
Admin, agent and policy logs:
Domain is now Domain Name
System logs:
Group is now Group Name
System, admin, agent, policy, scan, risk and SONAR logs:
Server is now Server Name
Risk and SONAR logs:
Inserted is now Event Insert Time
Source computer is now Source Computer Name
Source IP is now Source Computer IP
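
Log pipelines that ingest dump files written both before and after 14.2 RU2 see two sets of column names for the same fields. The following is an added example, not Symantec code, that rewrites the old header names to the corrected ones per log type so downstream field mappings stay stable. It assumes a comma-separated dump with a header row; the sample column layout and values are constructed, and the function names are hypothetical.

```python
import csv
import io

# Header renames listed in the article, scoped to the log types they apply to.
RENAMES = [
    ({"security", "traffic", "behavior", "scan", "risk", "sonar"},
     {"End": "End Time", "User": "User Name",
      "Domain": "Domain Name", "Group": "Group Name"}),
    ({"admin", "agent", "policy"}, {"Domain": "Domain Name"}),
    ({"system"}, {"Group": "Group Name"}),
    ({"system", "admin", "agent", "policy", "scan", "risk", "sonar"},
     {"Server": "Server Name"}),
    ({"risk", "sonar"},
     {"Inserted": "Event Insert Time",
      "Source computer": "Source Computer Name",
      "Source IP": "Source Computer IP"}),
]

def renames_for(log_type):
    """Merge every rename that applies to this log type."""
    merged = {}
    for log_types, mapping in RENAMES:
        if log_type.lower() in log_types:
            merged.update(mapping)
    return merged

def normalize_header(log_type, columns):
    """Return (corrected column names, old names that were found).

    A non-empty second value means the file predates the header fix.
    """
    mapping = renames_for(log_type)
    cleaned = [c.strip() for c in columns]
    legacy = [c for c in cleaned if c in mapping]
    return [mapping.get(c, c) for c in cleaned], legacy

def read_dump(log_type, text):
    """Parse a dump (assumed comma-separated) into dicts keyed by corrected names."""
    reader = csv.reader(io.StringIO(text))
    header, _legacy = normalize_header(log_type, next(reader))
    return [dict(zip(header, row)) for row in reader]

# Constructed sample: column layout is illustrative, not the real SEPM layout.
SAMPLE = ("Inserted,Server,Domain,Source computer,Source IP,User\n"
          "2019-01-01 10:00:00,sepm01,Default,host-a,192.0.2.10,alice\n")

if __name__ == "__main__":
    for row in read_dump("risk", SAMPLE):
        print(row)
```
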