Managing_Logs

Managing Logs

OfficeScan keeps comprehensive logs about security risk detections, events, and updates. Use these logs to assess your organization's protection policies and to identify clients at a higher risk of infection or attack. Also use these logs to check client-server connection and verify if component updates were successful.

OfficeScan also uses a central time verification mechanism to ensure time consistency between OfficeScan server and clients. This prevents log inconsistencies caused by time zones, Daylight Saving Time, and time differences, which can cause confusion during log analysis.

OfficeScan generates the following logs:

Security Risk Logs

OfficeScan generates logs when it detects virus/malware and spyware/grayware, and when it restores spyware/grayware. For more information about security risk logs, see the following topics:

Firewall Logs

OfficeScan generates logs when it detects violations to firewall policies. For details, see Firewall Logs.

Web Reputation Logs

OfficeScan generates logs when it blocks known or potentially malicious Web sites. For details, see Web Reputation Logs.

Connection Verification Logs

OfficeScan generates connection verification logs to allow you to determine whether or not the OfficeScan server can communicate with all of its registered clients. For details, see Connection Verification Logs.

Component Update Logs

OfficeScan generates logs when the server and client perform component updates. View the logs to verify that OfficeScan successfully downloaded the components required to keep protection current. For more information about update logs, see the following topics:

Behavior Monitoring Logs

OfficeScan generates logs when the client detects unusual modifications to the operating system or on installed software. For details, see Behavior Monitoring.

Device Control Logs

OfficeScan generates logs when the client detects unauthorized access to devices connected to the client computer. Clients then send the logs to the server once per day. For details, see Device Control Logs.

System Events Logs

OfficeScan generates system update logs to keep you informed about events that keep the OfficeScan server functioning properly, such as database backup and master service restart. For details, see System Event Logs.

Windows Event Logs

Windows Event Viewer records successful application events that have taken place, like logging on, or changing account settings. For details, see Windows Event Logs.

Debug Logs

Use debug logs to troubleshoot problems with the OfficeScan server and client. For more information about debug logs, see the following topics:

See also: