Endpoint Protection Small Business Edition

 View Only

  • 1.  Trying to determine when clients are updated from server

    Posted May 14, 2012 02:45 PM

    Hello, I am trying to find a log of when the server sends out definition updates to clients to see if it matched up with bandwidth spikes that we are seeing.

    If there is a report to see this in SEPM, that's even better.

    Running SEP/SEPM 12.1. 

    I am happy to provide more information if necessary.



  • 2.  RE: Trying to determine when clients are updated from server
    Best Answer

    Trusted Advisor
    Posted May 15, 2012 07:41 AM

    Hello,

    You could check the Sylink.log as well as the Log.liveupdate from the client machine.

    And in case, you want the logs from the SEPM, then check the System Logs.

    Check this Article:

    https://www-secure.symantec.com/connect/articles/how-can-we-check-which-content-sep-121-clients-are-downloading-gup

    Hope that helps!!!



  • 3.  RE: Trying to determine when clients are updated from server

    Posted May 15, 2012 02:32 PM

    That worked great for me, thank you!  Since I hate getting to a forum with a link that is broken, here's an explanation of the settings that I set to get the information that I needed:

    SEPM 12.1 - In the MONITORS tab,

    What type of log would you like to see?

    Log Type: System

    Log Content: Client Activity

    What filter settings would you like to use?

    Event Type: Client Events

    Event Source: SYLINK

     



  • 4.  RE: Trying to determine when clients are updated from server

    Trusted Advisor
    Posted May 15, 2012 03:15 PM

    Hello,

    Also check these:

    About log types

    http://www.symantec.com/docs/HOWTO27271

    About the different types of Symantec Endpoint Protection Manager Reports

    http://www.symantec.com/docs/TECH95538

    Hope that helps!!