This article describes how to collect debug logging information from the SMSMSE product.

To obtain a DebugView log file you must perform the following actions:

1. Setup DebugView
2. Enable the logging appropriate to your issue
3. Capture the DebugView data

For all issues, Setup DebugView first

DebugView is a monitoring program that allows you to monitor debug output on your local computer. You can download DebugView from this Microsoft Web site. Symantec does not support or warranty this program. Symantec makes no guarantee or promise of suitability or compatibility of DebugView with your computer. 

1. Download and install DebugView.
2. Open DebugView.
3. Click Options. Check Clock Time and Show Milliseconds.
4. Click File. Click Log to File.
5. In the Log File text box, type c:\dbgview.log
6. Click Limit Log Size.
7. In the Max Log Size (MB) text box, type the desired maximum size for your log file.
8. Click OK.
9. In 64 bit Windows OS click Capture. Check Capture Global Win32.

To enable the proper logging elements; you must make some changes in your Windows registry:

A. To enable logging for Service related issues

B. To enable logging for Real-Time Virus Scanning and Content Filtering(Auto Protect) scanning issues

C. To enable logging for transport scanning issues on Exchange 2007 or later (including AntiSpam issues)

D .To enable logging for Manual or Scheduled scanning issues

A. To enable logging for Service related issues

1. Open the Registry Editor.
2. Browse to the following registry key:  

(SMSMSE 7.9.x & Later) HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\SMSMSE\<version>\Server

NOTE: The <version> part of the key path is dependent on the version of SMSMSE installed.

3. Create the following registry entries as DWORD entries and set the value to one (1):

CMDDebugEnabled

LogAllFailures 

4. Restart the following Windows Services:

Symantec Mail Security for Microsoft Exchange

Symantec Mail Security Utility Service

5. Reproduce the issue you are attempting to debug.
6. Revert the registry changes you made previously by changing the DWORD values from one (1) to zero (0).

B. To enable logging for Real-Time Virus Scanning and Content Filtering(Auto Protect) scanning issues on Exchange 2010 and earlier

Note: For Exchange 2013 and later all real-time scanning is done during message transport. For troubleshooting real-time scanning issues on 2013 or later, implement the instructions in section C.

1. Open the Registry Editor.
2. Browse to the following registry key: 

(SMSMSE 7.9.x & Later) HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\SMSMSE\<version>\Server

NOTE: The <version> part of the key path is dependent on the version of SMSMSE installed.

3. Create the following registry entries as DWORD entries and set the value to one (1):

CMDDebugEnabled

LogAllFailures 

4. If the issue is occurring on a 2010 or earlier Exchange server, turn on Exchange VSAPI logging by changing the following registry key:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSExchangeIS\VirusScan

a. In the right pane double-click the Parameters value.

b. In the Value Data text box, add the following string to the beginning of the data:

debuglevel 1

NOTE: Do not delete the existing data. Insert the string before the existing data.

c. In the right pane double-click the ReloadNow value.

d. In the Value Data text box set the value to 1.

e. Close the Registry Editor.

5. Restart the following Windows Services:

Symantec Mail Security for Microsoft Exchange

Symantec Mail Security Utility Service

6. Reproduce the issue you are attempting to debug.
7. Revert the registry changes you made previously by changing the DWORD values from one (1) to zero (0).

C . To enable logging for transport scanning issues on Exchange 2007 or later (including AntiSpam issues)

1. Open the Registry Editor.
2. Browse to the following registry key:  

(SMSMSE 7.9.x & Later) HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\SMSMSE\<version>\Server

NOTE: The <version> part of the key path is dependent on the version of SMSMSE installed. 

3. Create the following registry entries as DWORD entries and set the value to one (1):

CMDDebugEnabled

LogAllFailures 

4. Browse to the following registry key:

(SMSMSE 7.9.x & Later) HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\SMSMSE\<version>\Server\Components\SMTP

5. Create the following registry entry as a DWORD entry and set the value to one (1):

TransportAgentDebugOutput

6. Restart the following Windows Services:

Symantec Mail Security for Microsoft Exchange

Symantec Mail Security Utility Service

Microsoft Exchange Transport

7. Reproduce the issue you are attempting to debug.
8. Revert the registry changes you made previously by changing the DWORD values from one (1) to zero (0).

D. To enable logging for Manual or Scheduled scanning issues

1. Open the Registry Editor.

2. Browse to the following registry key:  

(SMSMSE 7.9.x & Later) HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\SMSMSE\<version>\Server

NOTE: The <version> part of the key path is dependent on the version of SMSMSE installed.

3. Create the following registry entries as DWORD entries and set the value to one (1):

CMDDebugEnabled

LogAllFailures

LogAllSerialScanData

If the issue you are troubleshooting is occurring on an Exchange 2010 or later server, add the following additional DWORD entries, and set the value to one (1):

LogEWSFailures

EWSTraceEnabled

4. Restart the following Windows Services:

Symantec Mail Security for Microsoft Exchange

Symantec Mail Security Utility Service

5. Reproduce the issue you are attempting to debug.
6. Revert the registry changes you made previously by changing the DWORD values from one (1) to zero (0)

To submit the data

1. Save the Windows application log and system event log in .evtx format.
2. Save the VSAPI log (if requested) and the DebugView file to the same folder in which you saved the application log and the system event log.
3. Use a zip utility to compress the log files.
4. Provide the zipped log files to your support agent.

Notes

The DebugView log file is the full path that you specified in DebugView.