Browse to the location of Stargate\Win64 and choose all *.ctl files then click "Open"
Choose "Select TMF Files" then click "OK"
Click "Add" and choose all *.tmf files then click "Open"
Click "Next" to configure the "Log SessionOptions":
Disable "Real Time Display"
Enable "Log Trace Event Data to File" and change Log File Name to a location with plenty of drive space.
Click "Advanced Log Session Options"
Go to the "Log Session Parameter Options" tab.
Set "Buffer Size" and "Sequential Buffer Size (MB)" to 0 so that the log file size is not limited.
If For Linux:
Open symcscan.sh in a text editor and add the following at the end of the variable section at the beginning of the file (see step 3.2):
Start the Symantec Protection engine service and replicate the problem.
Provide copies of session1.etl (or your configured filename) if Windows or a copy of the logs directory from /opt/SYMCScan/bin/definitions/Stargate/logs if Linux, CSAPI Debug log (csapi*.log) defined in step 3, and a copy of the SPE logs from the day of testing from /log inside the SPE installation folder