Trying to wade through Client Activity logs can become a tedious task, especially when you have thousands of clients. I would like to show you some advanced filtering that you can do to get the Client info you need much more quickly.
For this article, I will focus solely on the Client Activity logs in the SEPM.
The box we want to use for filtering is the Event source box. There are specific keywords you can use to get more granular. They are as follows:
- GUP
- IPS
- LiveUpdate Manager
- Network Intrusion Protection Sys
- REP
- Smc
- SONAR
- SYLINK
- Symantec AntiVirus
- Symantec Endpoint Protection
To look at events generated by SMC, we enter SMC into the Event source box.
Click View Log to see those events.
As you can see, a wealth of info is generated. This holds true for the other nine keywords above as well. I highly recommend you try these out to see what info comes back. It is very detailed and you may find some things that you previously did not know about! Better yet, you can export to CSV and drop into Excel and filter as needed.
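The same Event source filtering can be applied offline to an exported CSV. The Python sketch below is an added example, not part of the original article or of any Symantec tooling. The column names (`Time`, `Host Name`, `Event Source`, `Description`), the exact case-insensitive matching, and the sample rows are assumptions constructed for illustration.

```python
import csv
import io
from collections import Counter, defaultdict

# The ten Event source keywords listed in the article.
EVENT_SOURCES = ["GUP", "IPS", "LiveUpdate Manager",
                 "Network Intrusion Protection Sys", "REP", "Smc", "SONAR",
                 "SYLINK", "Symantec AntiVirus", "Symantec Endpoint Protection"]

# Constructed sample export. Column names are assumptions; match them to your CSV.
SAMPLE_CSV = """\
Time,Host Name,Event Source,Description
2024-01-05 08:00:01,PC-001,Smc,constructed sample event 1
2024-01-05 08:00:09,PC-001,SYLINK,constructed sample event 2
2024-01-05 08:02:30,PC-002,SMC,constructed sample event 3
2024-01-05 08:03:12,PC-002,LiveUpdate Manager,constructed sample event 4
2024-01-05 08:04:45,PC-003,SONAR,constructed sample event 5
2024-01-05 08:05:00,PC-001,Smc,constructed sample event 6
2024-01-05 08:06:10,PC-003,Unlisted Source,constructed sample event 7
"""

def canonical_source(value):
    """Return the article's spelling of a keyword, ignoring case, or None."""
    wanted = (value or "").strip().lower()
    return next((s for s in EVENT_SOURCES if s.lower() == wanted), None)

def filter_events(csv_text, keyword, source_col="Event Source"):
    """Rows whose event source equals the keyword (exact, case-insensitive)."""
    key = canonical_source(keyword)
    if key is None:
        raise ValueError(f"not one of the listed keywords: {keyword!r}")
    rows = csv.DictReader(io.StringIO(csv_text))
    return [r for r in rows if canonical_source(r.get(source_col)) == key]

def counts_by_host(csv_text, source_col="Event Source", host_col="Host Name"):
    """Per-client event counts by source; unlisted sources go to '(other)'."""
    table = defaultdict(Counter)
    for r in csv.DictReader(io.StringIO(csv_text)):
        source = canonical_source(r.get(source_col)) or "(other)"
        table[r.get(host_col) or "(unknown)"][source] += 1
    return {host: dict(c) for host, c in table.items()}

if __name__ == "__main__":
    for row in filter_events(SAMPLE_CSV, "SMC"):
        print(row["Time"], row["Host Name"], row["Description"])
    for host, counts in sorted(counts_by_host(SAMPLE_CSV).items()):
        print(host, counts)
```

To use it on a real export, read the file's text and pass it in place of `SAMPLE_CSV`, setting `source_col` and `host_col` to the headers your export actually contains.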
I hope these help you in your daily monitoring tasks. Feel free to post any comments/questions/criticisms.
Thanks!
Brian