Solved: Splunk Add-On for Sophos Mac Compatibility

pc1 · ‎08-17-2021

Is the Splunk Add-On for Sophos compatible with getting data from my Macs? I have a deployment server (on Windows, the only OS compatible with hosting the Sophos Add-On) with Macs and Windows machines in my environment w/ the Universal Forwarder installed. I want to use this add-on to collect Sophos data from both my macs and windows machines but can't find anywhere if it will work.

venkatasri · ‎08-18-2021

Hi @pc1

It supports only on Windows as per docs no MAC. You shall be able to deploy only to Windows UF from DS by blacklisting mac UF's. support. https://docs.splunk.com/Documentation/AddOns/released/Sophos/Hardwareandsoftwarerequirements

---

an upvote would be appreciated if this reply helps!

View solution in original post

venkatasri · ‎08-18-2021

Hi @pc1

It supports only on Windows as per docs no MAC. You shall be able to deploy only to Windows UF from DS by blacklisting mac UF's. support. https://docs.splunk.com/Documentation/AddOns/released/Sophos/Hardwareandsoftwarerequirements

---

an upvote would be appreciated if this reply helps!

Splunk Add-On for Sophos Mac Compatibility

Mac

universal forwarder

Windows

Enterprise Security Content Update (ESCU) | New Releases

Why am I not seeing the finding in Splunk Enterprise Security Analyst Queue?

Index This | What are the 12 Days of Splunk-mas?