Splunk® Supported Add-ons

Splunk Add-on for Symantec Endpoint Protection

Hardware and software requirements for the Splunk Add-on for Symantec Endpoint Protection

To install and configure the Splunk Add-on for Symantec Endpoint, you must be member of the admin or sc_admin role.

Symantec Endpoint Protection Manager setup requirements

In order to configure your Symantec Endpoint Protection Manager to export log data to a file, you need administrative access to the manager console.

You must install the Splunk Add-on for Symantec Endpoint Protection on a forwarder or single-instance Splunk Enterprise that is installed directly on the server running Symantec Endpoint Protection Manager in order to monitor dump files.

Splunk platform requirements

Because this add-on runs on the Splunk platform, all of the system requirements apply for the Splunk software that you use to run this add-on.

  • For Splunk Enterprise system requirements, see System Requirements in the Splunk Enterprise Installation Manual.
  • If you are managing on-premises forwarders to get data into Splunk Cloud, see System Requirements in the Splunk Enterprise Installation Manual, which includes information about forwarders.
Last modified on 09 January, 2023
About the Splunk Add-on for Symantec Endpoint Protection   Installation and configuration overview for the Splunk Add-on for Symantec Endpoint Protection

This documentation applies to the following versions of Splunk® Supported Add-ons: released


Was this topic useful?







You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters