About System reports and logs
Article ID: 177837
Updated On:
Products
Endpoint Protection
Issue/Introduction
Resolution
About the information in the System reports and logs
References
2009081409151448 - About the different types of Symantec Endpoint Protection Manager Reports
- Logons and logoffs
- Policy changes
- Password changes
- When certificates are matched
- Replication events
- Log-related events
- Successful and unsuccessful policy downloads
- Client connections to the server
- Server registrations
- To locate and troubleshoot replication problems
- To locate and troubleshoot backup problems
- To locate and troubleshoot Radius Server problems
- To look at all server events of a particular severity level
- Which clients have been blocked from accessing the network
- Which clients need to be restarted
- Which clients had successful or unsuccessful installations
- Which clients had service initiation and termination problems
- Which clients had rules import problems
- Which clients had problems downloading policies
- Which clients had failed connections to the server
- Enforcer connectivity
- The importation and application of policies and configurations
- Enforcer starts, stops, and pauses
The System logs contain information that is useful for troubleshooting client problems.
The below table describes some typical uses for the kind of information that you can get from System quick reports and log.
| Report or log | Typical uses |
| Top Clients That Generate Errors | Use this report to see which clients generate the largest number of errors and warnings. You may want to look at the location and type of users on these clients to see why they experience more problems than others. You can then go to the System log for details. |
| Top Servers That Generate Errors | Use this report to see which servers generate the largest number of errors and warnings. You may want to look at these servers to see why they experience more problems than is typical for your network. |
| Top Enforcers That Generate Errors | Use this report to see which Enforcers generate the largest number of errors and warnings. You may want to look at these Enforcers to see why they experience more problems than is typical for your network. |
| Database Replication Failures Over Time | Use this report to see which servers or sites experience the most problems with database replication. It also tells you why the replications fail so that you can remediate the problems. |
| Site Status | Use this report to see how your server handles its client load. Based on the information that is in this report, you may want to adjust the load. |
| Administrative log | Use this log to look at administrative-related items like the following activities:
This log may be useful for troubleshooting client problems such as missing certificates, policies, or imports. You can look separately at events as they relate to domains, groups, users, computers, imports, packages, replications, and other events. |
| Client-Server Activity log | Use this log to look at all the client activity that takes place for a specific server. For example, you can use this log to look at the following items: |
| Server Activity log | Among other things, use this log for the following reasons:
|
| Client Activity log | Among other things, you can use this log to monitor the following client-related activities:
|
| Enforcer Activity log | Use this log to monitor problems with the Enforcers. In this log, you can view management events, Enforcer events, enable events, and policy events. You can filter them by their severity level. For example, you can use this log to troubleshoot the following types of problems: |
| Note: | If you do not have Symantec Network Access Control installed, the Enforcer Activity log and the entries in other logs that apply to Enforcers are empty. |
References
2009081409151448 - About the different types of Symantec Endpoint Protection Manager Reports
Feedback
Yes
No
Powered by
