This article describes steps for configuring the Communication Module logging in Symantec Endpoint Protection (SEP) 14.2. This logging is used to troubleshoot communication issues between the SEP client and the Symantec Endpoint Protection Manager (SEPM). Communication module logging replaces Sylink logging.
Caution: Before you begin, you should make a backup of the Windows Registry. See the Microsoft article Back up the registry.
Note: Tamper protection must be disabled before you follow this process. If you do not disable Tamper Protection, it will block the required registry key modifications. To disable Tamper Protection, see the following article: Disable Tamper Protection
To configure Communication Module logging:
1. To open the Registry Editor, click Start. In the Search programs and files field, enter regedit, and then click regedit.exe from the list of results.
Alternately, click Start > Run, enter regedit, and then click OK.
3. Find or create the CVELogLevel (REG_DWORD) value and edit it to set the desired logging level. Supported values are:
1 = Debug
2 = Info
3 = Warn
4 = Error
5 = Fatal
Note: When troubleshooting communication issues, a value of 1 is strongly recommended to ensure that all pertinent data is collected. If this value is not present or is configured to use an invalid value, the product will default to a logging level of 4.
4. To adjust the maximum size of the logs, locate or create the CVELogSizeMB (REG_DWORD) value and edit it to set the maximum size of the logs in MB. The default size is 250 MB. When size is reached, log file name is appended with _yyyymmdd_hhmmss and new logging is started, so nothing is lost due to the limit.
A service restart is not required for the new settings to take effect.
Note: For Mac specific instructions please see TECH132983
Log and Data Location:
1. Communication logging will be found under C:\ProgramData\Symantec\Symantec Endpoint Protection\CurrentVersion\Data\Logs in the following two files:
2. Additionally, opstate data will be written in the following files under C:\ProgramData\Symantec\Symantec Endpoint Protection\CurrentVersion\Data\
Subscribing will provide email updates when this Article is updated. Login is required.