All Apps and Add-ons

SEP Syslog Support?

splk
Communicator

According to some other questions, Splunk Enterprise Security comes with SEP TA Addon with syslog support.
Any plans to release this for the rest of us?

Kind regards

0 Karma
1 Solution

splk
Communicator

Newer SEP Versions allow sending data via Syslog.
Only the litte outdated Splunk App is not so nice.

View solution in original post

0 Karma

splk
Communicator

Newer SEP Versions allow sending data via Syslog.
Only the litte outdated Splunk App is not so nice.

0 Karma

rpille_splunk
Splunk Employee
Splunk Employee

TA-sep used to be bundled with Splunk Enterprise Security a few years ago, but it has been replaced with the Splunk Add-on for Symantec Endpoint Protection, which is Splunk-supported and available to everyone here: https://splunkbase.splunk.com/app/2772/.

The add-on collects data by monitoring local dump files locally.

0 Karma

splk
Communicator

Any plans to add syslog support for the sep logs?

0 Karma
Get Updates on the Splunk Community!

Now Available: Cisco Talos Threat Intelligence Integrations for Splunk Security Cloud ...

At .conf24, we shared that we were in the process of integrating Cisco Talos threat intelligence into Splunk ...

Preparing your Splunk Environment for OpenSSL3

The Splunk platform will transition to OpenSSL version 3 in a future release. Actions are required to prepare ...

Easily Improve Agent Saturation with the Splunk Add-on for OpenTelemetry Collector

Agent Saturation What and Whys In application performance monitoring, saturation is defined as the total load ...