How to enable LiveUpdate Cross platform (LUX) details logging on Protection Engine


Article ID: 181756


Updated On:


Protection Engine for Cloud Services Scan Engine Protection for SharePoint Servers Protection Engine for NAS




How to enable debug logging for LiveUpdate Cross platform (Lux) for Symantec Protection Engine (SPE):

Basic Liveupdate logging is enabled by default and not configurable. Detailed logging is configurable and the configuration files can be found under Symantec_Protection_Engine_Tools_<version> This can be downloaded from your MySymantec account.

To enable detailed LiveUpdate logging on SPE: 

- For Windows Platform
On Windows platforms, you need to use a Windows software trace preprocessor (WPP) tracing mechanism to view the LiveUpdate log. For example, use TraceView that is a part of Windows Driver Kit (WDK). It is necessary to run kitsetup.exe for traceview to be available on the local system.
Traceview is part of Windows Driver Kit (WDK). It can be obtained from

1. Unzip all the tmf and ctl files out from Symantec_Protection_Engine_Tools_<version>\SPE_Tools\Tools\LiveUpdate_Log_Config\Win64 to a known location.

2. Run TraceView.exe.

Configure "traceview" to capture the Liveupdate activity.

a. Click "File" ->> "Create New Log Session"

b. Click "Add Provider"

c. Select "CTL (Control GUID) File

d. Browse to the location of lux_logging_tools and choose "LuxTrace.ctl then click "Open"

e. Choose "Select TMF Files" then click "OK"

f. Click "Add" and choose "Lux.tmf" then click "Open"

g. Click "Done"

h. Repeat "a" to"g" for "DuluxTrace.ctl" and "duluxcallback.tmf" to complete the "Create New Log Session"

i. Click "Next" to configure the "Log SeesionOptions", choose "Real Time Display" and "Log Trace Event Data to File"

j. Click "Finish" then start "Liveupdate" from SPE GUI


- For Linux / Solaris Platform:

  1. Copy the lux.logging.conf file from the Symantec_Protection_Engine_Tools_<version>\Tools\LiveUpdate_Log_Config\ folder into the /etc/symantec directory.
  2. Edit the following values in the lux.logging.conf file:
  • logger.enabled=true
  • logger.level=info
  • logger.sink=file
  • logger.sink.file.filePath= user defined file path

Note: Ensure that the user defined file path exists. The path needs to end with the log file name.  For example "Logger.sink.file.filepath= /tmp/lux/lux_detail.log".

Location of the Liveupdate log:

On Linux / Solaris platforms:


On 64-bit Windows platforms:

C:\Program Files\Symantec\Scan Engine\Definitions\AntiVirus\Logs\lux.log

On 32-bit Windows platforms:

C:\Program Files (x86)\Symantec\Scan Engine\Definitions\AntiVirus\Logs\lux.log


Attachments get_app