Splunk® Supported Add-ons

Splunk Add-on for Symantec Endpoint Protection

Download manual as PDF

Download topic as PDF

About the Splunk Add-on for Symantec Endpoint Protection

Version 2.3.0
Vendor Products Symantec Endpoint Protection versions 12.x and 14.x
Visible in Splunk Web No. This add-on does not contain any views.

The Splunk Add-on for Symantec Endpoint Protection allows a Splunk platform administrator to collect logs from Symantec Endpoint Protection Manager over dump files. You can collect the following log files:

  • Server Administration
  • Application and Device Control
  • Server Client
  • Server Policy
  • Server System
  • Client Packet
  • Client Proactive Threat
  • Client Risk
  • Client Scan
  • Client Security
  • Client System
  • Client Traffic

After the Splunk platform indexes the events, you can consume the data using the prebuilt panels included with the add-on. This add-on provides the inputs and CIM-compatible knowledge to use with other Splunk apps, such as Splunk Enterprise Security and the Splunk App for PCI Compliance.

Download the Splunk Add-on for Symantec Endpoint Protection from Splunkbase.

For a summary of new features, fixed issues, and known issues, see Release Notes for the Splunk Add-on for Symantec Endpoint Protection.

For information about installing and configuring the Splunk Add-on for Symantec Endpoint Protection, see Installation and configuration overview for the Splunk Add-on for Symantec Endpoint Protection.

See Questions related to Splunk Add-on for Symantec Endpoint Protection on Splunk Answers.

  NEXT
Source types for the Splunk Add-on for Symantec Endpoint Protection

This documentation applies to the following versions of Splunk® Supported Add-ons: released


Was this documentation topic helpful?

Enter your email address, and someone from the documentation team will respond to you:

Please provide your comments here. Ask a question or make a suggestion.

You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters