Splunk Enterprise Security

Problem with threat notables on Splunk ES

aalaa
Path Finder

Hello ,

We have a Splunk ES 5.1.0 application installed on Splunk Entreprise version 7.2.0.

We need to collect the threat logs data from our antivirus ‘Symantec’ ( Threat Logs ).We need to be collected the threat logs to generate and detecting threats on the application Entreprise Security.
I installed the splunk add-on for symantec and i collect data but i have no threat event with the application Entreprise Security.

Any help please ?

0 Karma
Get Updates on the Splunk Community!

Optimize Cloud Monitoring

  TECH TALKS Optimize Cloud Monitoring Tuesday, August 13, 2024  |  11:00AM–12:00PM PST   Register to ...

What's New in Splunk Cloud Platform 9.2.2403?

Hi Splunky people! We are excited to share the newest updates in Splunk Cloud Platform 9.2.2403! Analysts can ...

Stay Connected: Your Guide to July and August Tech Talks, Office Hours, and Webinars!

Dive into our sizzling summer lineup for July and August Community Office Hours and Tech Talks. Scroll down to ...