How to query Symantec Endpoint Protection Embedded database in version 14.3 RU1 and newer?
search cancel

How to query Symantec Endpoint Protection Embedded database in version 14.3 RU1 and newer?


Article ID: 240358


Updated On:


Endpoint Protection


How to query SEPM SQL Server Express database in version 14.3 RU1 and newer?


14.3 RU1 or newer


In version 14.3 RU1 the embedded database was updated to the Microsoft SQL Express database. The SQL Server Express database stores policies and security events more efficiently than the default embedded database and is installed automatically with the Symantec Endpoint Protection Manager.

More information: What's new for Symantec Endpoint Protection 14.3 RU1?


1.Download and install SQL Server Management Studio on SEPM machine.

Microsoft website:

2.Machine’s restart will be required to finish installation

3.After installation in Windows Menu Start choose Microsoft SQL Server Tools > Microsoft SQL Server Management Studio

4.After start you will be prompted to connect to the server.

Server type: Database Engine

Server Name: [Your SEPM Machine name]\SQLEXPRESSSYMC

Authentication: SQL Server Authentication

Username: dba 

Password: [Same as SEPM admin’s password]  *

5.Test if you can querry you db by choosing File>New>Query with current Connection

Place a querry and click ‘Execute’


Sample query: select * from SEM_COMPUTER will return list of the computers in SEM_COMPUTER table



*If you can't login and "The target principal name is incorrect" you might need to go to "Options" and in connection properties enable "Trust Server Certificate" option

Additional Information

If you use SEP older than Version 14.3 RU1 please check the following article: How to query the SEPM embedded database

If you would like to learn more about SEP versions please check the following article: Versions, system requirements, release dates, notes, and fixes for Symantec Endpoint Protection and Endpoint Security