You want to know how to change the logging level on the following logs used in Symantec Endpoint Protection [SEP] Client for Linux:
- Common Agent Framework (cafagent)
- Changing the AMD logging level
- Changing the CVE logging level.
- Extended Liveupdate i.e Lux debugging
(Note that increased logging can affect system performance and should be performed with the help of Broadcom Support. If you need to continue, it is important to remember to revert to the default logging configuration for best performance.)
SEP client for Linux version 14.3 RU1 and higher
logging.loggers.root.level= trace
/etc/init.d/cafagent restart
service sisamdagent stop
amdmanagement.antimalware.trace.level=trace
scanner.trace.level=full
service sisamdagent start
Note: Revert logging levels back to default after log collection is complete. Repeat steps 1-6, but replace the logging levels with the default values.
log4j.rootCategory=DEBUG, A1
/etc/init.d/cafagent restart
Create the file: /opt/Symantec/sdcssagent/AMD/sef/config/lux.logging.conf
Enter the following contents to the above file:
logger.enabled=true
logger.level=debug
logger.sink=file
logger.sink.file.filePath=/opt/Symantec/sdcssagent/AMD/sef/Logs/devlux.log
Save and close the file
At this point, you can either run LiveUpdate manually to generate the log or wait for LiveUpdate to run automatically.
The log can be viewed at /opt/Symantec/sdcssagent/AMD/sef/Logs/devlux.log.
Extended Lux debugging can be disabled by deleting the file /opt/Symantec/sdcssagent/AMD/sef/config/lux.logging.conf