I am seeing a lot of Windows event logs related to SEPM files. The Linux server uses a reverse proxy using Apache to get LiveUpdates.
It would be helpful to identify why this many logs are generated.
The events are related to access of Symantec setup files, and events thereof. I have enclosed the errors related to the logs; it creates them for every folder.
Log Name: Security
Source: Microsoft-Windows-Security-Auditing
Date: 10/30/2018 10:46:33 AM
Event ID: 4663
Task Category: Removable Storage
Level: Information
Keywords: Audit Success
User: N/A
Computer: SECLPRVSECSEP01.cloudfabric.intraxa
Description:
An attempt was made to access an object.
Subject:
Security ID: NT SERVICE\semwebsrv
Account Name: semwebsrv
Account Domain: NT SERVICE
Logon ID: 0x1F8B7
Object:
Object Server: Security
Object Type: File
Object Name: D:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\data\inbox\log\tex\legacy
Handle ID: 0x14d4
Resource Attributes: S:PAINO_ACCESS_CONTROL
Process Information:
Process ID: 0x83c
Process Name: D:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\apache\bin\httpd.exe
Access Request Information:
Accesses: ReadData (or ListDirectory)
Access Mask: 0x1
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-Security-Auditing" Guid="{54849625-5478-4994-A5BA-3E3B0328C30D}" />
<EventID>4663</EventID>
<Version>1</Version>
<Level>0</Level>
<Task>12812</Task>
<Opcode>0</Opcode>
<Keywords>0x8020000000000000</Keywords>
<TimeCreated SystemTime="2018-10-30T09:46:33.103434100Z" />
<EventRecordID>1485466415</EventRecordID>
<Correlation />
<Execution ProcessID="544" ThreadID="556" />
<Channel>Security</Channel>
<Computer>SECLPRVSECSEP01.cloudfabric.intraxa</Computer>
<Security />
</System>
<EventData>
<Data Name="SubjectUserSid">S-1-5-80-948765316-811284391-187558744-2005173589-387111393</Data>
<Data Name="SubjectUserName">semwebsrv</Data>
<Data Name="SubjectDomainName">NT SERVICE</Data>
<Data Name="SubjectLogonId">0x1f8b7</Data>
<Data Name="ObjectServer">Security</Data>
<Data Name="ObjectType">File</Data>
<Data Name="ObjectName">D:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\data\inbox\log\tex\legacy</Data>
<Data Name="HandleId">0x14d4</Data>
<Data Name="AccessList">%%4416
</Data>
<Data Name="AccessMask">0x1</Data>
<Data Name="ProcessId">0x83c</Data>
<Data Name="ProcessName">D:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\apache\bin\httpd.exe</Data>
<Data Name="ResourceAttributes">S:PAINO_ACCESS_CONTROL</Data>
</EventData>
</Event>
Log Name: Security
Source: Microsoft-Windows-Security-Auditing
Date: 10/30/2018 10:46:33 AM
Event ID: 4663
Task Category: Removable Storage
Level: Information
Keywords: Audit Success
User: N/A
Computer: SECLPRVSECSEP01.cloudfabric.intraxa
Description:
An attempt was made to access an object.
Subject:
Security ID: NT SERVICE\semwebsrv
Account Name: semwebsrv
Account Domain: NT SERVICE
Logon ID: 0x1F8B7
Object:
Object Server: Security
Object Type: File
Object Name: D:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\data\inbox\log\tex\RepMgtMan
Handle ID: 0x14d4
Resource Attributes: S:PAINO_ACCESS_CONTROL
Process Information:
Process ID: 0x83c
Process Name: D:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\apache\bin\httpd.exe
Access Request Information:
Accesses: ReadData (or ListDirectory)
Access Mask: 0x1
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-Security-Auditing" Guid="{54849625-5478-4994-A5BA-3E3B0328C30D}" />
<EventID>4663</EventID>
<Version>1</Version>
<Level>0</Level>
<Task>12812</Task>
<Opcode>0</Opcode>
<Keywords>0x8020000000000000</Keywords>
<TimeCreated SystemTime="2018-10-30T09:46:33.103434100Z" />
<EventRecordID>1485466422</EventRecordID>
<Correlation />
<Execution ProcessID="544" ThreadID="556" />
<Channel>Security</Channel>
<Computer>SECLPRVSECSEP01.cloudfabric.intraxa</Computer>
<Security />
</System>
<EventData>
<Data Name="SubjectUserSid">S-1-5-80-948765316-811284391-187558744-2005173589-387111393</Data>
<Data Name="SubjectUserName">semwebsrv</Data>
<Data Name="SubjectDomainName">NT SERVICE</Data>
<Data Name="SubjectLogonId">0x1f8b7</Data>
<Data Name="ObjectServer">Security</Data>
<Data Name="ObjectType">File</Data>
<Data Name="ObjectName">D:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\data\inbox\log\tex\RepMgtMan</Data>
<Data Name="HandleId">0x14d4</Data>
<Data Name="AccessList">%%4416
</Data>
<Data Name="AccessMask">0x1</Data>
<Data Name="ProcessId">0x83c</Data>
<Data Name="ProcessName">D:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\apache\bin\httpd.exe</Data>
<Data Name="ResourceAttributes">S:PAINO_ACCESS_CONTROL</Data>
</EventData>
</Event>
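One way to triage a flood of 4663 events like the two above, as an added example that is not part of the original post: parse the exported Event XML and count events per audit task, account, process and access mask, so the combination producing the volume stands out. The function names, the trimmed sample events and the shortened `D:\SEPM\...` paths are constructed for illustration.

```python
import xml.etree.ElementTree as ET
from collections import Counter

NS = {"e": "http://schemas.microsoft.com/win/2004/08/events/event"}
# File access-right bits (winnt.h), named as in the 4663 "Accesses" field.
FILE_BITS = {0x1: "ReadData/ListDirectory", 0x2: "WriteData/AddFile",
             0x4: "AppendData/AddSubdirectory", 0x20: "Execute/Traverse",
             0x80: "ReadAttributes", 0x10000: "DELETE"}

def decode_mask(mask_hex):
    """Turn an AccessMask such as '0x1' into readable right names."""
    mask = int(mask_hex, 16)
    return [name for bit, name in FILE_BITS.items() if mask & bit] or [hex(mask)]

def parse_event(xml_text):
    """Flatten one <Event> into a dict: EventID, Task and every EventData field."""
    root = ET.fromstring(xml_text)
    rec = {"EventID": root.findtext("e:System/e:EventID", namespaces=NS),
           "Task": root.findtext("e:System/e:Task", namespaces=NS)}
    for d in root.iterfind("e:EventData/e:Data", NS):
        rec[d.get("Name")] = (d.text or "").strip()  # AccessList carries a newline
    return rec

def summarize(events):
    """Return [(key, event_count, distinct_objects)], noisiest key first.
    key = (Task, SubjectUserName, process image name, AccessMask)."""
    counts, objects = Counter(), {}
    for xml_text in events:
        r = parse_event(xml_text)
        if r["EventID"] != "4663":
            continue
        key = (r["Task"], r["SubjectUserName"],
               r["ProcessName"].rsplit("\\", 1)[-1], r["AccessMask"])
        counts[key] += 1
        objects.setdefault(key, set()).add(r["ObjectName"])
    return [(k, n, len(objects[k])) for k, n in counts.most_common()]

# Constructed sample: trimmed events with shortened, made-up paths.
# Task 12812 is the value the post's events show for "Removable Storage".
TEMPLATE = r"""<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System><EventID>4663</EventID><Task>12812</Task></System>
<EventData><Data Name="SubjectUserName">semwebsrv</Data>
<Data Name="ObjectName">{obj}</Data><Data Name="AccessList">%%4416
</Data><Data Name="AccessMask">0x1</Data>
<Data Name="ProcessName">D:\SEPM\apache\bin\httpd.exe</Data></EventData></Event>"""
SAMPLE = [TEMPLATE.format(obj=o) for o in
          (r"D:\SEPM\data\inbox\log\tex\legacy", r"D:\SEPM\data\inbox\log\tex\RepMgtMan")]

if __name__ == "__main__":
    for key, n, distinct in summarize(SAMPLE):
        print(n, "events,", distinct, "objects:", key, decode_mask(key[3]))
```

A single key with a high event count spread over many distinct objects shows that one audit task and one process account for the volume, which narrows down which audit setting to review.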