Splunk® Supported Add-ons

Splunk Add-on for Symantec Endpoint Protection

About the Splunk Add-on for Symantec Endpoint Protection

Version: 3.4.1
Vendor Products: Symantec Endpoint Protection versions 14.0 to 14.2RU2, 14.3.35RU1 MP1, 14.3RU4
Visible in Splunk Web: No. This add-on does not contain any views.

Use the Splunk Add-on for Symantec Endpoint Protection (SEP) to collect SEP server and client activity logs from:

  • Symantec Endpoint Protection Manager dump files
  • Syslog, using Splunk forwarders and Splunk Connect for Syslog

You can collect the following log files:

  • Server Administration
  • Application and Device Control
  • Server Client
  • Server Policy
  • Server System
  • Client Packet
  • Client Proactive Threat
  • Client Risk
  • Client Scan
  • Client Security
  • Client System
  • Client Traffic

This add-on provides inputs and CIM-compatible knowledge that you can use with other Splunk Enterprise add-ons and apps. These include Splunk Enterprise Security and the Splunk App for PCI Compliance.

Download the Splunk Add-on for Symantec Endpoint Protection from Splunkbase.

For a summary of new features, fixed issues, and known issues, see Release Notes for the Splunk Add-on for Symantec Endpoint Protection.

For information about installing and configuring the Splunk Add-on for Symantec Endpoint Protection, see Installation and configuration overview for the Splunk Add-on for Symantec Endpoint Protection.

See Questions related to Splunk Add-on for Symantec Endpoint Protection on Splunk Answers.

Last modified on 09 January, 2023

This documentation applies to the following versions of Splunk® Supported Add-ons: released

