Symantec Endpoint Protection to Splunk Cloud

since20982 · ‎01-04-2022

Hi,

We are using Splunk Cloud.

We have installed symantec endpoint protection version 14.3 RU3 build 5413. We are not using symanted endpoint protection manager. We are using symantec cloud hybrid to manage all SEP clients.

Can you please help how can I send symantec endpoint protection client logs from all windows servers to splunk cloud ? How can I configure data inputs for the same. Sorry I am new to splunk and cannot find any document for symantec endpoint protection to splunk cloud.

inventsekar · ‎01-04-2022

Hi .. please check this documentation..

https://docs.splunk.com/Documentation/AddOns/released/SymantecEP/About

Also with Splunk Cloud, you can reach out to Splunk Cloud Support, they will help you better.

happy journey with Splunk Cloud!

thanks and best regards,
Sekar

PS - If this or any post helped you in any way, pls consider upvoting, thanks for reading !

since20982 · ‎01-04-2022

As per my opinon their support is really worst.

This is what Splunk support is saying.

As Support will be handling Break & Fix issues, we don't have any documentation on how to integrate Symantec Endpoint Protection logs with the Splunk Cloud. As informed, kindly reach out to AOD(Admin On Demand) team by contacting your Account Owner. They will be assisting you with all the required documents and further assistance. Hope you understand the same. Let us know how to proceed further on this case.

Symantec Endpoint Protection to Splunk Cloud

administration

configuration

installation

search

troubleshooting

Splunk at Cisco Live 2025: Learning, Innovation, and a Little Bit of Mr. Brightside

Splunk App Dev Community Updates – What’s New and What’s Next

The Latest Cisco Integrations With Splunk Platform!

Are you a member of the Splunk Community?

Symantec Endpoint Protection to Splunk Cloud