Getting Data In
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question

Upgradation of Splunk for Symantec App

rahul2gupta
Path Finder
‎07-25-2021 05:33 AM

Hi @gcusello ,

We've been asked to upgrade our existing Splunk version(7.1.3) to 8.1. So for that we are now upgrading our apps that are not compatible with the version 8.1.x.

I've started with the Symantec App. Its current version is 1.0.3 which is NOT supported by Splunk now and I seek your help to upgrade this app( I've downloaded its higher version ) but I am stuck as I don't know how to configure .

rahul2gupta_0-1627216009062.png

Regards,

Rahul Gupta

  

Labels (2)
Labels
0 Karma
Reply

gcusello
SplunkTrust
SplunkTrust
‎07-25-2021 07:30 AM

Hi @rahul2gupta,

this is a very old app (2013) and it's supported on Splunk 4.3 and 5!

In addition, it works with Symantec Endpoint Protection 11 & 12, which version have you?

There are many other apps for Symanted Endpoint, why don't you see if one of these can work with your Symantec Endpoint Protection?

Anyway, if you want to use that app, you have to take one by one each dashboard and see if it receives the data or maybe you need different TAs, there isn't any script that requires python and this is helpful, but the problem is the data ingestion, in other words, see the existing TAs and see if you have to manually modify the dashboards to adapt them to the new data flows.

Ciao.

Giuseppe

 

0 Karma
Reply

rahul2gupta
Path Finder
‎07-29-2021 05:20 AM

Thanks @gcusello !

Seems like I've to go with this app only and need to manually modify the dashboards.

Regards,

Rahul

0 Karma
Reply

gcusello
SplunkTrust
SplunkTrust
‎07-29-2021 05:27 AM

Hi @rahul2gupta,

tell me if I can help you more, otherwise, please, accept my answer for the other people of Community.

Ciao and happy splunking.

Giuseppe

P.S.: Karma Points are appreciated 😉

0 Karma
Reply
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

Splunk Community Badges!

  Hey everyone! Ready to earn some serious bragging rights in the community? Along with our existing badges ...

How to find the worst searches in your Splunk environment and how to fix them

Everyone knows Splunk is a powerful platform for running searches and doing data analytics. Your ...

Share Your Feedback: On Admin Config Service (ACS)!

Help Us Build a Better Admin Config Service Experience (ACS)   We Want Your Feedback on Admin Config Service ...