Home > Encryption, Full Disk Encryption, McAfee/SafeBoot/Intel, Programming > EPE Log Reader for McAfee Endpoint Encryption v6

EPE Log Reader for McAfee Endpoint Encryption v6

The McAfee EEPC6 product can generate a huge ammount of useful diagnostic information, but it’s pretty hard to interpret – take for example the following “useful” text:

2009-12-3 17:8:21,475 DEBUG MfeEpeHost From uuid = 10eed67b-e02d-11de-8fa1-000c295b5
e1d From Service = MfeEpeEncryptionServiceClient To uuid = 5145540F-1BA8-4F52-895D-6
17839C2869E To Service = MfeEpeEncryptionService Message = <element xsi:type="ns1:ES
GetSystemInfoQry"><sendTo serviceName="MfeEpeEncryptionService" serviceUUID="5145540
F-1BA8-4F52-895D-617839C2869E" xsi:type="ns1:MfeEpeAddress"></sendTo><replyTo servic
eName="MfeEpeEncryptionServiceClient" serviceUUID="10eed67b-e02d-11de-8fa1-000c295b5
e1d" xsi:type="ns1:MfeEpeAddress"></replyTo></element>
This is just one line from a log – good luck understanding the other 10,000 or so!

My EPELogReader tries to help you make sense of this noise – it has a few potted queries built in to help you (under the Search dropdown), and lets you find free text, classes and types of events. It also parses out the log to make it pretty, highlighting the XML tags and tabbing them out properly.

Finally, you can turn on and off logging from the menu itself. Note, you need to run it as an administrator on Vista and W7 for this to work (users don’t have rights to HKLM) – to do this, unfortunately you have to start an administrator command prompt and then run it from there, there’s no way of right-clicking a HTA and doing “Run as Administrator”.

You can download EPELogFileReader from CTOGoneWild

Enjoy, and if you have any comments or suggestions please post them here!
Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: