To collect logs for OfficeScan's (OSCE) Data Leak Protection (DLP), you must activate debug logging for the the Data Protection module.
Do the following:
- Obtain the logger.cfg file from Trend Micro Technical Support.
- Unload the OfficeScan client and supply the unload password.
- Type "REGEDIT".
- Add the following data in HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\TrendMicro\PC-cillinNTCorp\CurrentVersion\DlpLite:
- Create a folder named "Log" in your C:\ directory.
- Copy logger.cfg to the Log folder.
- Reload your OfficeScan clients though the Program Group.
The log should be located at C:\log\dlp.<Machine_name>.xxxx.log