The database sweep function can be triggered manually or automatically. It is triggered automatically when the number of records exceeds the value entered on the Policy Manager, or exceeds the time limit listed on the Policy Manager. The sweep function works by using two tables for each log type. The server will start out by putting logs into one of the tables (call it Table1). Once the sweep gets done the server will switch to use the second table (call it Table2) and start storing any new logs into this second table. Before the server switches to Table2 it will remove all logs from Table2. Table1 will still have all the logs it collected. Then once the sweep function is run again the server will switch back to Table1, removing all logs from Table1, but keeping the logs that were collected during the time it was using Table2. The server will basically switch back and forth between these two tables each time the sweep function is called, clearing that one table before using it. After you configure database maintenance options from the Admin > Servers page, on the Database tab of the Site Properties dialog box in the Symantec Endpoint Protection Manager Console, the new options are not picked up by the database maintenance task. To have the options take effect, you can stop and start the database maintenance task by typing the following URLs in this order from a web browser located on the Symantec Endpoint Protection Manager server: To stop a database maintainance task: https://localhost:8443/servlet/ConsoleServlet?ActionType=ConfigServer&action=StopTask&task=AgentSweepingTask To start a database maintainance task https://localhost:8443/servlet/ConsoleServlet?ActionType=ConfigServer&action=StartTask&task=AgentSweepingTask Alternatively, you can log out of the console and restart the Symantec Endpoint Protection Manager service from the Task Manager.
What is policy manager ?
How it is connected with SEPM DB ?
Does this Swepping task runs on entire SEPM database ?
Does this task include Linux clients tables in SEM5 DB ?
I am looking for more detail information on how this sweep function runs in Symantec endpoint protection manager database.
Answered my own question: yes, it applies to SEP 12.
What happens every X minutes in Symantec Endpoint Protection Manager
http://www.symantec.com/docs/TECH172201
or
http://www.symantec.com/business/support/index?page=content&id=TECH172201&profileURL=https%3A%2F%2Fsymaccount-profile.symantec.com%2FSSO%2Findex.jsp%3FssoID%3D136061222815182TKo3H8Vas7wHvJ6BPpo2zO9P2ogF6T6MO6i
Are there any changes for SEP 12.1 ?
These are the SEP 11 steps I used (after enabling it)
I recall that in SEP 11 it always happens at midnight (SEPM time) as well.
Thanks for the article.