Symantec Critical System Manuel D’Utilisation

28 Planning the installation

About log files

drivers. To temporarily disable agents that run on Windows NT Server, you 
create an alternate hardware profile with the drivers disabled.
See

■

Symantec Critical System Protection services (IPS Service, IDS Service, Util 
Service) do not automatically restart after aborting.

About log files

Symantec Critical System Protection uses log files to record events and 
messages related to agent and management server activity.

Multiple versions of a log file may exist, as old versions are closed and new 
versions are opened. The versions are denoted by a number (for example, 
SISIDSEvents23.csv, sis-console.3.log).

See the Symantec Critical System Protection Administration Guide for more 
information on log files.

 lists the Symantec Critical System Protection agent log files.

Table 2-4

Agent log files

File name

Description

Default location

SISIPSService.log

This log file contains events that are related to 
the following:

■

Agent service operation

■

Applying policies and configuration 
settings

■

Communication with the management 
server

Windows:
Program Files\Symantec\Critical 
System Protection\Agent\scsplog\

UNIX:
/var/log/scsplog/

SISIDSEvents*.csv

This log file contains all events recorded by 
the Symantec Critical System Protection 
agent.

The asterisk in the file name represents a 
version number.

Windows:
Program Files\Symantec\Critical 
System Protection\Agent\scsplog\

UNIX:
/var/log/scsplog/