About log files – Symantec Critical System User Manual
Page 28
28 Planning the installation
About log files
drivers. To temporarily disable agents that run on Windows NT Server, you
create an alternate hardware profile with the drivers disabled.
See
“Temporarily disabling Windows NT agents”
■
Symantec Critical System Protection services (IPS Service, IDS Service, Util
Service) do not automatically restart after aborting.
About log files
Symantec Critical System Protection uses log files to record events and
messages related to agent and management server activity.
Multiple versions of a log file may exist, as old versions are closed and new
versions are opened. The versions are denoted by a number (for example,
SISIDSEvents23.csv, sis-console.3.log).
See the Symantec Critical System Protection Administration Guide for more
information on log files.
lists the Symantec Critical System Protection agent log files.
Table 2-4
Agent log files
File name
Description
Default location
SISIPSService.log
This log file contains events that are related to
the following:
■
Agent service operation
■
Applying policies and configuration
settings
■
Communication with the management
server
Windows:
Program Files\Symantec\Critical
System Protection\Agent\scsplog\
UNIX:
/var/log/scsplog/
SISIDSEvents*.csv
This log file contains all events recorded by
the Symantec Critical System Protection
agent.
The asterisk in the file name represents a
version number.
Windows:
Program Files\Symantec\Critical
System Protection\Agent\scsplog\
UNIX:
/var/log/scsplog/