You are trying to create a detailed report in either HTML or CSV format, however, error appears at end of the report and some records get truncated.
Error can be either of these below:
1. Log report has been truncated due to the number of records. Reduce the report date/time range.
2. Log report has been truncated because the processing time limit was exceeded. Reduce the report date/time range.
SSE / SPE will truncate the log report when it reaches the limits. These limits are detailed below:
1. The CSV file gets truncated if number of characters in given file reach 1,500,000.
- Message at the end of file: “Log report has been truncated due to the number of records. Reduce the report date/time range.”
2. The HTML file gets truncated if number of characters in generated html file exceeds 2,500,000 and this includes html tags.
3. The HTML file gets truncated if time taken to generate HTML file from log file exceeds 3*60*1000 milliseconds which is 3 minutes.
- Message at the end of file: “Log report has been truncated because the processing time limit was exceeded. Reduce the report date/time range.”
These are the possible causes to reach the limit above when generating the report in CSV / HTML format:
Possible causes to exceed the 3 minutes limit to generate the HTML format report:
1. The system is overloaded when creating the report.
2. The same logs are simultaneously being used by Symantec Protection Engine process to write new events, and to generate reports.
As either of the errors is written to report due to product behaviour when it reaches particular limit, the following can be considered in order to avoid the issue:
1. To avoid exceeding the 3 minutes time limit for HTML report creation, generate report when the SSE / SPE box is not busy, for example after office hours.
2. To avoid exceeding the characters limit for report creation,
- Create report to include data up to the day before current day. Or even create reports from different date ranges and combined them back together if needed.
- Create separate reports for different types of events.
Symantec Scan Engine (SSE) 5.2.x / Symantec Protection Engine (SPE) 7.0.x
Login to Subscribe
Please login to set up your subscription.
Get support for your product, with downloads, knowledge base articles, documentation, and more.
Maximize your product competency and validate technical knowledge to gain the most benefit from your IT investments.
Submit a suspected infected file to Symantec.
Report a suspected erroneous detection (false positive).
Set default language
Do you wish to save this as your future site?