About System reports and logs
search cancel

About System reports and logs

book

Article ID: 177837

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction



Resolution

About the information in the System reports and logs

    The System logs contain information that is useful for troubleshooting client problems.

    The below table describes some typical uses for the kind of information that you can get from System quick reports and log.

    Report or logTypical uses
    Top Clients That Generate ErrorsUse this report to see which clients generate the largest number of errors and warnings. You may want to look at the location and type of users on these clients to see why they experience more problems than others. You can then go to the System log for details.
    Top Servers That Generate ErrorsUse this report to see which servers generate the largest number of errors and warnings. You may want to look at these servers to see why they experience more problems than is typical for your network.
    Top Enforcers That Generate ErrorsUse this report to see which Enforcers generate the largest number of errors and warnings. You may want to look at these Enforcers to see why they experience more problems than is typical for your network.
    Database Replication Failures Over TimeUse this report to see which servers or sites experience the most problems with database replication. It also tells you why the replications fail so that you can remediate the problems.
    Site StatusUse this report to see how your server handles its client load. Based on the information that is in this report, you may want to adjust the load.
    Administrative logUse this log to look at administrative-related items like the following activities:
    • Logons and logoffs
    • Policy changes
    • Password changes
    • When certificates are matched
    • Replication events
    • Log-related events

    This log may be useful for troubleshooting client problems such as missing certificates, policies, or imports. You can look separately at events as they relate to domains, groups, users, computers, imports, packages, replications, and other events.
    Client-Server Activity logUse this log to look at all the client activity that takes place for a specific server.
    For example, you can use this log to look at the following items:
    • Successful and unsuccessful policy downloads
    • Client connections to the server
    • Server registrations
    Server Activity logAmong other things, use this log for the following reasons:
    • To locate and troubleshoot replication problems
    • To locate and troubleshoot backup problems
    • To locate and troubleshoot Radius Server problems
    • To look at all server events of a particular severity level
    Client Activity logAmong other things, you can use this log to monitor the following client-related activities:
    • Which clients have been blocked from accessing the network
    • Which clients need to be restarted
    • Which clients had successful or unsuccessful installations
    • Which clients had service initiation and termination problems
    • Which clients had rules import problems
    • Which clients had problems downloading policies
    • Which clients had failed connections to the server
    Enforcer Activity logUse this log to monitor problems with the Enforcers. In this log, you can view management events, Enforcer events, enable events, and policy events. You can filter them by their severity level.
    For example, you can use this log to troubleshoot the following types of problems:
    • Enforcer connectivity
    • The importation and application of policies and configurations
    • Enforcer starts, stops, and pauses
    Note: If you do not have Symantec Network Access Control installed, the Enforcer Activity log and the entries in other logs that apply to Enforcers are empty.


    References
    2009081409151448 - About the different types of Symantec Endpoint Protection Manager Reports