When upgrading to Symantec Endpoint Protection 12.1 you will get prompts during the upgrade process to enable/disable/configure database backups and log truncation. I recommend leaving these at the default settings. Do not turn them off.
Database backups of the Symantec Embedded Database are important because there are plenty of things out there that can corrupt and go wrong with the database. One of the biggest sources of corruption is when the disk that the database resides on runs out of space. The Embedded Database Service will stop and there is a good chance your database is completely corrupted.
This leads on to Log Truncation. I have seen the Embedded Database Logs grow to 50GB+. So out of control logs can corrupt your database, which in turn takes down your whole antivirus management solution. So make sure you keep those automatic log truncation settings at their defaults.
Here is a great article on how to manually truncate the Embedded Database transaction logs if they have gone out of control. Then you can turn automatic transaction log truncation back on in the Manager.
If you can still log into the Manager (the services have not shut down yet and the database is still running) and you have the Enterprise version of SEPM 12.1 there is also a “Truncate Database Logs Now” button in the SEPM under the Admin tab.
The Small Business Edition of SEPM 12.1 does not have the ‘Truncate Database Logs Now” button. Also, please note, while you can modify the truncation frequency in the Enterprise edition you can not do this in the Small Business Edition. The truncation schedule is fixed/unconfigurable in the Small Business Edition. There is also a known issue in Small Business Edition of SEPM 12.1 where the logs do not truncate. Updating the Manager to SEP 12.1 Release Update 1a (or at the time of writing this, Release Update 2) will fix this known issue.
After you have truncated the logs and freed up space on your drive, should the Symantec EndPoint Protection Manager services not remain started, chances are your database is corrupt and you will need to restore the database from backup. Going to Start –> All Programs –> Symantec EndPoint Protection Manager –> Database Backup and Restore will launch a wizard to walk you through locating your backup file for restore.
Leave a Reply