Looking at Splunk_TA_symantec-ep
and I wonder where the documentation for the sourcetypes, which are CIM compliant, is.
Hi,
Here you go https://docs.splunk.com/Documentation/AddOns/released/SymantecEP/Sourcetypes , that has each source type mapped with CIM datamodels.
Hi,
Here you go https://docs.splunk.com/Documentation/AddOns/released/SymantecEP/Sourcetypes , that has each source type mapped with CIM datamodels.