You are trying to create a detailed report in either HTML or CSV format, however, error appears at end of the report and some records get truncated.

Error can be either of these below:

1. Log report has been truncated due to the number of records.  Reduce the report date/time range.

2. Log report has been truncated because the processing time limit was exceeded.  Reduce the report date/time range.

SSE / SPE will truncate the log report when it reaches the limits. These limits are detailed below:

1. The CSV file gets truncated if number of characters in given file reach 1,500,000. 

     - Message at the end of file: “Log report has been truncated due to the number of records.  Reduce the report date/time range.”

2. The HTML file gets truncated if number of characters in generated html file exceeds 2,500,000 and this includes html tags.

     - Message at the end of file: “Log report has been truncated due to the number of records.  Reduce the report date/time range.”

3. The HTML file gets truncated if time taken to generate HTML file from log file exceeds 3*60*1000 milliseconds which is 3 minutes.

     - Message at the end of file: “Log report has been truncated because the processing time limit was exceeded.  Reduce the report date/time range.”

As either of the errors is written to report due to product behaviour when it reaches particular limit, the following can be considered in order to avoid the issue:

1. To avoid exceeding the 3 minutes time limit for HTML report creation, generate report when the SSE / SPE box is not busy, for example after office hours.

2. To avoid exceeding the characters limit for report creation,

          - Create report to include data up to the day before current day. Or even create reports from different date ranges and combined them back together if needed.

          - Create separate reports for different types of events.

Applies To

Symantec Scan Engine (SSE) 5.2.x / Symantec Protection Engine (SPE) 7.0.x