Please refer to information below regarding Symantec ATP App for Splunk.
Please check following link for more details:
Symantec ATP App for Splunk: https://splunkbase.splunk.com/app/3453/
Symantec ATP Add-on for Splunk: https://splunkbase.splunk.com/app/3454/
Symantec ATP App for Splunk Administrator Guide: please check "Download Files" section of this KB article.