Friday, November 28, 2014

System Center Endpoint Protection Client log file location

Many times you need to troubleshoot System Center Endpoint Protection client issues. Mainly signature updates and update download location.

Here are the quick summary of the System Center Endpoint Protection log file locations and a simple note what they do;
%AllUsersProfile%\Microsoft\Microsoft Antimalware\Network Inspection System\Support - log files related to network inspection service
%AllUsersProfile%\Microsoft\Microsoft Antimalware\Support - Log files related to antimalware service
%AllUsersProfile%\Microsoft\Microsoft Security Client\Support - Log files related to SCEP client software
%WinDir%\CCM\Logs\EndpointProtectionagent.log - Shows Endpoint version and policies applied
%WinDir%\temp\MpCmdRun.log - Activity when performing scheduled scans and signature updates and download locations
%WinDir%\temp\MpSigStub.log - Update progress for signature and Engine updates

No comments:

Post a Comment