All Apps and Add-ons

Why is the dashboard not showing any data in Splunk Add-on for Symantec Endpoint Protection?

New Member

Hi Folks

I have all my Symantec data collected in an index called Symantec. the data come in from a universal forwarder running on that Symantec log server. I developed and input.conf and prop.conf files, and put them there to make the data in.

Then I install this Splunk Add-on for Symantec Endpoint Protection, hope to have some useful dashboard do a report for me automatically, but nothing shows up. The installation doc does not mention too many details.

Can anybody shed some light on this?

Thank you so much


0 Karma
Take the 2021 Splunk Career Survey

Help us learn about how Splunk has
impacted your career by taking the 2021 Splunk Career Survey.

Earn $50 in Amazon cash!