Splunk® Supported Add-ons

Splunk Add-on for Symantec Endpoint Protection

Release notes for the Splunk Add-on for Symantec Endpoint Protection

Version 3.4.1 of the Splunk Add-on for Symantec Endpoint Protection was released on January 5, 2022.

Compatibility

Version 3.4.1 of the Splunk Add-on for Symantec Endpoint Protection is compatible with the following software, CIM versions, and platforms.

Splunk platform versions 7.2, 7.3, 8.0, 8.1, 9.0
CIM 5.0.2
Platforms Windows for the data collection node
Vendor Products Symantec Endpoint Protection versions 14.0 to 14.2RU2, 14.3.35 RU1 MP1, 14.3RU4


New features

Version 3.4.1 of the Splunk Add-on for Symantec Endpoint Protection has the following new features:

  • Support for the Splunk Common Information Model version 5.0.2.


Fixed issues

Version 3.4.1 of the Splunk Add-on for Symantec Endpoint Protection fixes the following (if any) issues.

  • Corrected the extractions of signature CIM field, End_Time and Event_Insert_Time fields for symantec:ep:proactive:file/syslogsourcetype



Known issues

Version 3.4.1 of the Splunk Add-on for Symantec Endpoint Protection contains the following (if any) known issues.

Last modified on 13 January, 2023
Lookups for the Splunk Add-on for Symantec Endpoint Protection   Release history for the Splunk Add-on for Symantec Endpoint Protection

This documentation applies to the following versions of Splunk® Supported Add-ons: released


Was this topic useful?







You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters