Monday 7 May 2012

Automatic Script to Recreate the SEPM SEM5.LOG to Free Up Disk Space

We are finding that the server where the Symantec Endpoint Protection management console resides on gets its disk filled up with the SEM5.LOG over time. This is with the most recent edition that was apparently supposed to fix this problem.

Since we have Small Business Edition we are not able to trim that log using the SEP Console.

So, we set up the following script in a BAT file that we will set to run every week or day depending on log growth rate to keep that log size in check:

REM Change the extension to .BAT please!
REM Created by Philip Elder of MPECS Inc. http://blog.mpecsinc.ca
net stop SQLANYs_sem5
net stop semsrv
CD "C:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\db\"
attrib -r sem5.log
del sem5.log
CD "C:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\ASA\win32"
dbsrv11 -f "C:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\db\sem5.db"
net start SQLANYs_sem5
net start semsrv

A copy of the batch file resides in a text file here:

  • Symantec Endpoint Protection Database Log Reset BAT (Direct link to the TXT file so right click and Save As).
    • Change the TXT extension to BAT.
    • Right click and Run As Admin to run manually.
    • Set credentials and run with the highest privileges in Task Manager
    • Add a “Pause” underneath everything for a version of the BAT on the desktop to be used to run the script manually. Results then stay in the CMD window until we hit a key.

The BAT file nested in the Task Manager:

image

The log file before the script runs:

image

Note that the above log file was a just deleted and recreated one used in our testing.

image

The log file comes back in weighing in at a paltry 8KB!

We keep a copy of the file in the admin’s Downloads folder that is used to run the scheduled task with all PAUSE commands removed. We keep a copy of the file on the desktop that has PAUSE commands in it that we use to test the script and/or run it manually when we are logged into the server.

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists
Co-Author: SBS 2008 Blueprint Book

*Our original iMac was stolen (previous blog post). We now have a new MacBook Pro courtesy of Vlad Mazek, owner of OWN.

Windows Live Writer

Posted by Philip Elder Cluster MVP at 11:19
Labels: , , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)