After Symantec EDR Upgrade to version 4.8 unable to forward Logs to SIEM

Article ID: 269714


Products

Endpoint Detection and Response

Issue/Introduction

SIEM is not receiving logs after Symantec EDR was updated to version 4.8.

Cause

The UDP protocol is no longer supported for SIEM integration.

Resolution

Symantec EDR 4.8 and later versions accept the TCP protocol for SIEM integration.

See: Forwarding Events and Incidents to Third-Party SIEMs