Getting Data In
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Upgradation of Splunk for Symantec App

rahul2gupta
Path Finder
‎07-25-2021 05:33 AM

Hi @gcusello ,

We've been asked to upgrade our existing Splunk version(7.1.3) to 8.1. So for that we are now upgrading our apps that are not compatible with the version 8.1.x.

I've started with the Symantec App. Its current version is 1.0.3 which is NOT supported by Splunk now and I seek your help to upgrade this app( I've downloaded its higher version ) but I am stuck as I don't know how to configure .

rahul2gupta_0-1627216009062.png

Regards,

Rahul Gupta

  

Labels (2)
Labels
0 Karma
Reply

gcusello
SplunkTrust
SplunkTrust
‎07-25-2021 07:30 AM

Hi @rahul2gupta,

this is a very old app (2013) and it's supported on Splunk 4.3 and 5!

In addition, it works with Symantec Endpoint Protection 11 & 12, which version have you?

There are many other apps for Symanted Endpoint, why don't you see if one of these can work with your Symantec Endpoint Protection?

Anyway, if you want to use that app, you have to take one by one each dashboard and see if it receives the data or maybe you need different TAs, there isn't any script that requires python and this is helpful, but the problem is the data ingestion, in other words, see the existing TAs and see if you have to manually modify the dashboards to adapt them to the new data flows.

Ciao.

Giuseppe

 

0 Karma
Reply

rahul2gupta
Path Finder
‎07-29-2021 05:20 AM

Thanks @gcusello !

Seems like I've to go with this app only and need to manually modify the dashboards.

Regards,

Rahul

0 Karma
Reply

gcusello
SplunkTrust
SplunkTrust
‎07-29-2021 05:27 AM

Hi @rahul2gupta,

tell me if I can help you more, otherwise, please, accept my answer for the other people of Community.

Ciao and happy splunking.

Giuseppe

P.S.: Karma Points are appreciated 😉

0 Karma
Reply
Get Updates on the Splunk Community!

Splunk Enterprise Security 8.x: The Essential Upgrade for Threat Detection, ...

 Prepare to elevate your security operations with the powerful upgrade to Splunk Enterprise Security 8.x! This ...

Get Early Access to AI Playbook Authoring: Apply for the Alpha Private Preview ...

Passionate about security automation? Apply now to our AI Playbook Authoring Alpha private preview ...

Reduce and Transform Your Firewall Data with Splunk Data Management

Managing high-volume firewall data has always been a challenge. Noisy events and verbose traffic logs often ...