All Apps and Add-ons

Why is the dashboard not showing any data in Splunk Add-on for Symantec Endpoint Protection?

New Member

Hi Folks

I have all my Symantec data collected in an index called Symantec. the data come in from a universal forwarder running on that Symantec log server. I developed and input.conf and prop.conf files, and put them there to make the data in.

Then I install this Splunk Add-on for Symantec Endpoint Protection, hope to have some useful dashboard do a report for me automatically, but nothing shows up. The installation doc does not mention too many details.

Can anybody shed some light on this?

Thank you so much


0 Karma
.conf21 CFS Extended through 5/20!

Don't miss your chance
to share your Splunk
wisdom in-person or
virtually at .conf21!

Call for Speakers has
been extended through
Thursday, 5/20!