search cancel

Symantec enterprise apps for Splunk

book

Article ID: 229831

calendar_today

Updated On:

Products

Endpoint Detection and Response Email Security.cloud ProxySG Software - SGOS Cloud Secure Web Gateway - Cloud SWG Web Application Firewall

Issue/Introduction

Symantec’s integration via Splunk Apps provides a clear dashboard for security operations allowing rapid investigation for advanced persistent threats.

Environment

Apps were tested on Splunk Enterprise 6.5.0 or later.  

Resolution

Visit the Symantec enterprise apps for Splunk page. Splunk apps are currently available for the following:

  • Endpoint Detection & Response (EDR)
  • Email Security.cloud
  • Integrated Cyber Defense Exchange (ICDx)
  • ProxySG
  • Web Security Service (WSS)
  • Web Application Firewall (WAF)

Note: While Splunk apps are freely downloadable and editable, they are unsupported by Symantec and are provided to assist with Splunk integration efforts.