i would like to add prebuilt panels to Splunkadd-onforSymantecDLP's dedicated webpage.
This is my current Splunkadd-onforSymantecDLP's dedicated webpage.
I would like to have all the...
I have specified the following variables to extract from my SymantecDLP system and send them to Splunk.
Message = ID: $INCIDENT_ID$, Policy Violated: $POLICY$, Rules: $POLICY_RULES$, Count: $M...
I make sure the search results can return the results which is within 24h period as expected.
I am trying to use the prebuilt panel included with Splunkadd-onforSymantecDLP - "symantec...
...others....
I am sending SEP 14 logs to splunk via syslog directly from SEP manager.
I have installed the TA forSymantec Endpoint Protection (syslog) based on several recommendations in this for...
...redefined) rules, reports and dashboards", like other SIEM.
I heard from many people the use-cases comes as default when we installthe log source/device specific apps. For ex: Palo Alto, SymantecDLP...
The documentation forSplunkforSymantec state:
After downloading the app and going through the set up process, you still need to install either theSymantec 11 Technology Add-on or Symantec 12 T...