How to get RSA Data Loss Prevention Endpoint logs for all components
Originally Published: 2015-09-25
Article Number
000067071
Applies To
RSA Product Set: Data Loss Prevention (DLP)
RSA Product/Service Type: Endpoint
RSA Version/Condition: 9.6
Platform: Windows 2008 R2
Issue
How to get DLP Endpoint logs for all components:
  • Root endpoint coordinator [rEPC] server
  • Endpoint coordinator [EPC] server
  • Endpoint machine hosting endpoint agent
Tasks
For Root endpoint coordinator [rEPC] logs:
Path: C:\Program Files (x86)\RSA\EndpointCoordinator\Logs\

Log files:
1. EpcService
2. joinservice
3. joinaudit
4. DLPInstall

Path: C:\Program Files (x86)\RSA\EndpointCoordinator\RabbitMQ\AppData\log
Log files: rabbit@localhost


For Endpoint coordinator [EPC] logs:
Path: C:\Program Files (x86)\RSA\EndpointCoordinator\Logs\

Log files:
1. DLPInstall
2. EpcService

Path: C:\Program Files (x86)\RSA\EndpointCoordinator\RabbitMQ\AppData\log
Log files: rabbit@localhost


For Endpoint machine agent logs:
Path: C:\Program Files (x86)\RSA\Enforce\logs

Log files:
1. ep_security
2. messages_EP
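
One way to gather the files listed above into a single folder for a support case, as an added example that is not RSA's own tooling. The -Role and -Destination parameters are hypothetical, and because the article gives log names without extensions, each name is matched as a prefix.

```powershell
# Added example (not RSA tooling): copy the logs this article lists into one folder.
param(
    [ValidateSet('rEPC', 'EPC', 'Agent')]
    [string]$Role = 'Agent',                      # hypothetical parameter
    [string]$Destination = "$env:TEMP\DLP-Logs"   # hypothetical default
)

$coordLogs  = 'C:\Program Files (x86)\RSA\EndpointCoordinator\Logs'
$rabbitLogs = 'C:\Program Files (x86)\RSA\EndpointCoordinator\RabbitMQ\AppData\log'
$agentLogs  = 'C:\Program Files (x86)\RSA\Enforce\logs'

# Directory -> log names, per component, as listed in the article.
$sources = @{
    'rEPC'  = @(
        @{ Dir = $coordLogs;  Names = @('EpcService', 'joinservice', 'joinaudit', 'DLPInstall') },
        @{ Dir = $rabbitLogs; Names = @('rabbit@localhost') }
    )
    'EPC'   = @(
        @{ Dir = $coordLogs;  Names = @('DLPInstall', 'EpcService') },
        @{ Dir = $rabbitLogs; Names = @('rabbit@localhost') }
    )
    'Agent' = @(
        @{ Dir = $agentLogs;  Names = @('ep_security', 'messages_EP') }
    )
}

$stamp  = Get-Date -Format 'yyyyMMdd-HHmmss'
$target = Join-Path $Destination ("{0}_{1}_{2}" -f $env:COMPUTERNAME, $Role, $stamp)
New-Item -ItemType Directory -Path $target -Force | Out-Null

foreach ($set in $sources[$Role]) {
    foreach ($name in $set.Names) {
        $found = @()
        if (Test-Path -LiteralPath $set.Dir) {
            # Extensions are not given in the article, so match the name as a prefix.
            $found = @(Get-ChildItem -LiteralPath $set.Dir -Filter "$name*" |
                       Where-Object { -not $_.PSIsContainer })
        }
        if ($found.Count -eq 0) {
            Write-Warning "Nothing matching '$name*' in $($set.Dir)"
            continue
        }
        foreach ($file in $found) {
            Copy-Item -LiteralPath $file.FullName -Destination $target
            New-Object PSObject -Property @{
                Log = $file.Name; Bytes = $file.Length; LastWrite = $file.LastWriteTime
            }
        }
    }
}
Write-Host "Collected logs in $target"
```

The script emits one object per copied file and a warning for each listed log that was not found, so a missing component log is visible before the folder is sent on.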