ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Protection Engine Scan Log, Event ID, Event Log list

book

Article ID: 194660

calendar_today

Updated On:

Products

Protection Engine for Cloud Services Protection Engine for NAS Protection for SharePoint Servers

Issue/Introduction

You need information about Symantec Protection Engine (SPE) Event ID list, scan logs, including format and how to parse through the raw logs. This information can help you plan integration of SPE logging with third party tools such as Splunk or in-house developed monitoring tools.

Environment

SPE 8.0, 8.2.1

Resolution

The document attached to this article contains the following information:

  • Log Format Details
  • Log Field Description
  • Windows Event ID Details (only when logwindows is enabled)
  • Windows Event Log Details (only when logwindows is enabled)
  • Information regarding how to parse the raw logs (without using the logconverter utility)

Note: The raw .log files can be converted to human readable format by using the logconverter utility. See article 164643 for more information.

Attachments

1639041874293__SPE_8.2.1_log_format.xlsx get_app
1639041856225__SPE_8.0_log_format.xlsx get_app