I would like to add prebuilt panels to Splunk Add-on for Symantec DLP's dedicated webpage.
This is my current Splunk Add-on for Symantec DLP's dedicated webpage.
I would like to have all the...
I have specified the following variables to extract from my Symantec DLP system and send them to Splunk.
Message = ID: $INCIDENT_ID$, Policy Violated: $POLICY$, Rules: $POLICY_RULES$, Count: $M...
I make sure the search results can return the results which are within a 24h period as expected.
I am trying to use the prebuilt panel included with Splunk Add-on for Symantec DLP - "symantec...
...ourcetype
(4) Splunk is installed on the syslog server as a Heavy Forwarder that's configured to send events to the indexer. (Which also has the SEP_TA installed)
Some syslog monitors were already set up u...