Integrate Data Loss Prevention with a syslog server


Article ID: 184399


Updated On:


Data Loss Prevention Enforce Data Loss Prevention Data Loss Prevention Endpoint Prevent


You need to configure Symantec Data Loss Prevention (DLP) to send data to a syslog server.


Refer to the DLP Admin guide for configuration steps for each option below.

  • DLP server events can be sent by configuring the file on the Enforce server.
  • Incident data can also be sent to a syslog server. This process requires creating a response rule and assigning the response rule to various policies.

For specific information on sending incident data to a Splunk syslog server refer to the Splunk website,