You need to configure Symantec Data Loss Prevention (DLP) to send data to a syslog server.
Refer to the DLP Admin guide for configuration steps for each option below.
For specific information on sending incident data to a Splunk syslog server refer to the Splunk website, https://docs.splunk.com/Documentation/AddOns/released/SymantecDLP/Setup