Where can I find the log files for Symantec Endpoint Protection (SEP) client?
What are the functions of each of the log files?
This information can be used for parsing or other data gathering methods.
Note : For some of the logs like, syslog.log, tralog.log, etc, few of the details are in encrypted form as those logic and fields cannot be shared publicly. For those scenarios, it is suggested to use the SEPM logs and the SEPM's External Logging features for gathering the Client logs.
Scan logs can be found under C:\ProgramData\Symantec\Symantec Endpoint Protection\CurrentVersion\Data\Logs\AV
%ProgramData%\Symantec\Symantec Endpoint Protection\CurrentVersion\Data\Cached Installs or in %Temp% contains the following log files: