Splunk Enterprise Security

Enterprise Security: where is the CIM compatibility breakdown per sourcetype for Splunk_TA_symantec-ep?

danielbb
Motivator

Looking at Splunk_TA_symantec-ep and I wonder where the documentation for the sourcetypes, which are CIM compliant, is.

0 Karma
1 Solution

harsmarvania57
Ultra Champion

Hi,

Here you go https://docs.splunk.com/Documentation/AddOns/released/SymantecEP/Sourcetypes , that has each source type mapped with CIM datamodels.

View solution in original post

harsmarvania57
Ultra Champion

Hi,

Here you go https://docs.splunk.com/Documentation/AddOns/released/SymantecEP/Sourcetypes , that has each source type mapped with CIM datamodels.

Get Updates on the Splunk Community!

Part 2: A Guide to Maximizing Splunk IT Service Intelligence

Welcome to the second segment of our guide. In Part 1, we covered the essentials of getting started with ITSI ...

Part 1: A Guide to Maximizing Splunk IT Service Intelligence

As modern IT environments continue to grow in complexity and speed, the ability to efficiently manage and ...

Exporting Splunk Apps

Join us on Monday, October 21 at 11 am PT | 2 pm ET!With the app export functionality, app developers and ...