c:\Program Files\McAfee\ePolicy Orchestrator\Server\Logs

Check: https://kc.mcafee.com/resources/sites/MCAFEE/content/live/PRODUCT_DOCUMENTATION/24000/PD24809/en_US/...

Thanks for your help. Need your help for this also. The audit log is getting flooded with following entry " The user was not authorized to access the requested URL /SoftwareMgmt/navButton.do." Why is it happening? Is there any solution for this?

I was able to copy the file manuall into the evidence location. There is no issue with credentials.

Thank you for your extensive help. I will try checking the orion log. Currently i do not have access to epo server logs. I will gain access and let you know with the detailed error logs. And also thank you for the help with the audit log issue. Will try updating the DLP 11.0 P6 build also. Will let you know with further steps. Please be in touch. Your help will be needed.

I checked the orion log file. I am getting below logs:

dc.DataChannelAgentMessageListener - com.mcafee.keyserver.exception.KeyserverException: Key re-use not permitted: server setting disabled

service.DataChannelMessageServiceInternal - Error in notifying listeners of message Type EEADMIN_1000_KSGetMachineKeyQry
action.RegisterDocumentsActions - Could not copy files to \\Server IP\folder\regDocs
jcifs.smb.SmbException: Failed to connect: 0.0.0.0<00>/Server IP
jcifs.util.transport.TransportException
java.net.SocketException: Connection reset

What should I do?

Thanks for your support. If you could help me with the below requirement also; it would be much appreciated.

How to classify pdf containing scanned image?

Please create a separte thread for this query as it will mix up the issues.