Endpoint Protection

  • Private Community

  • 1.  quarantine logs

    Posted Jun 13, 2014 12:51 AM

    Where the quarantine logs can be save in sepm?

    I have require 3 month logs data, how to get?



  • 2.  RE: quarantine logs
    Best Answer

    Posted Jun 13, 2014 01:02 AM

    Here is process for delete Logs but you can find Quarantined logs

    1. Log into the Endpoint Protection Manager.
    2. Click on the Monitors tab on the left pane.
    3. Click on the Logs tab at the top of the right pane.
    4. Click on Risk in the Log type drop-down menu.
    5. Select a time range from the Time range drop-down menu. (The default is Past 24 hours.)
    6. Click Advanced Settings in the bottom left hand corner.
    7. Next to Action Taken: choose Quarantined
    8. Click on the View Log button. This gives you a list of the quarantined items.
    9. In the Risk Logs window, click on the risk(s) you would like to remove.

    How to delete Quarantined items from the Symantec Endpoint Protection Manager.

    Article:TECH106444  | Created: 2008-01-03  | Updated: 2009-01-14  | Article URL http://www.symantec.com/docs/TECH106444

    Managing the Quarantine

    Article:HOWTO55236  | Created: 2011-06-29  | Updated: 2011-12-16  | Article URL http://www.symantec.com/docs/HOWTO55236

     

    SEPM logs find here

     

    C:\Program Files\Symantec\Symantec Endpoint Protection Manager\tomcat\logs


  • 3.  RE: quarantine logs

    Posted Jun 13, 2014 08:04 AM

    Open your AV policy

    Select the Quarantine page >> Cleanup tab

    Set the option for "Delete after x days" to 90.

    To review quarantined items go to the Monitors page >> Logs tab

    Set the Log type to Risk

    Select Advanced Settings

    For Action taken select Quarantined

    Click View Log to see your items