Can the source IP address of ALL packets sent to the Symantec Data Loss Prevention (DLP) Network Monitor be logged?
No, our logging will NOT capture the IP of ALL the packets sent to the NetMon server.
The best we can do is to set the PacketCaptureNativeLogging.properties file, Logger for StreamManager value to either DEBUG or TRACE.
The PacketCapture log will then display the packet's source and destination IP addresses.
However, it will only log information for enabled protocols and for file types we are monitoring.
It does NOT log information for ALL packets pushed to the NetMon servers.
Changes to the PacketCaptureNativeLogging.properties file require a restart of the services on the NetMon server.