All Apps and Add-ons

Splunk Add-on for Symantec Endpoint Protection: Error 404 Home Page - First Installation

New Member

Installation :

1 Splunk server

1 Windows Server with Symantec Endpoint Protection Manager (SEPM)

I managed to export via UniversalForwarder all logs from SEPM to Splunk Server.

I see them via the command : "sourcetype = symantec:ep"

I follow the Manuel for inputs.conf on Symantec Server but with a modification :

I put the stanza not in %SPLUNK_HOME%\etc\apps\Splunk_TA_symantec-ep\local\inputs.conf because it didn't work

I put the stanza in %SPLUNK_HOME%\etc\apps\SplunkUniversalForwarder\local\inputs.conf

Then I tried to launch the add-on but i got the error at the first use "Ouups - 404 Error" for the Home Page.

I tried to re-install it, but still the same.

I know another post exist for this, but when I try to up it, someone told me "This is an old thread. Please post a new question."

So here we are ...

Thanks to all for your attention

0 Karma
Get Updates on the Splunk Community!

Splunk Observability Cloud | Customer Survey!

If you use Splunk Observability Cloud, we invite you to share your valuable insights with us through a brief ...

Happy CX Day, Splunk Community!

Happy CX Day, Splunk Community! CX stands for Customer Experience, and today, October 3rd, is CX Day — a ...

.conf23 | Get Your Cybersecurity Defense Analyst Certification in Vegas

We’re excited to announce a new Splunk certification exam being released at .conf23! If you’re going to Las ...