I followed the instruction to Enabling Logging and Debug Logging in Symantec Endpoint Encryption 11 (https://support.symantec.com/en_US/article.TECH223...), but still I am not able to see all the logs at default Symantec Endpoint Encryption log location (C:\Program Files (x86)\Symantec\Symantec Endpoint Encryption Management Server\Services\Logs).
Well, I could see below files @C:\Program Files (x86)\Symantec\Symantec Endpoint Encryption Management Server\Services\Logs :
gecws_4_5_2017
Symantec.Endpoint.Encryption.ADSync.0001
Symantec.Endpoint.Encryption.ConfigManager.0002
Symantec.Endpoint.Encryption.NovellSync.0003
However, it doesn't contain all the logs example: Drive Encrypted/Drive Decrypted, Client installed in a system etc.
Now, when I run run the corresponding report I could see the information but what if I want to have a seperate log file that logs all these action so that I can forward it to SIEM? Or is there any way we can forward desired the logs to SYSLOG server or can fetch the log directly from Microsoft Windows SQL Server to forward it to SIEM? I think we can do the similar configuration with SEPM but how to do that with SEEM?