Splunk Enterprise Security

Problem with threat notables on Splunk ES

aalaa
Path Finder

Hello,

We have the Splunk ES 5.1.0 application installed on Splunk Enterprise version 7.2.0.

We need to collect the threat log data from our antivirus ‘Symantec’ (Threat Logs). We need the threat logs to be collected in order to generate and detect threats in the Enterprise Security application.
I installed the Splunk Add-on for Symantec and I collect data, but I have no threat events in the Enterprise Security application.

Any help, please?
