

The Broadcom Symantec Endpoint Protection (SEP) connector allows you to easily connect your SEP logs with Microsoft Sentinel. This gives you more insight into your organization's network and improves your security operation capabilities.

**Top 10 Log Types**

SymantecEndpointProtection

To integrate with Symantec Endpoint Protection make sure you have:

Symantec Endpoint Protection (SEP): must be configured to export logs via Syslog.

This data connector depends on a parser based on a Kusto Function to work as expected. Follow the steps to use the Kusto function alias, SymantecEndpointProtection.

Install and onboard the agent for Linux.

Typically, you should install the agent on a different computer from the one on which the logs are generated. Syslog logs are collected only from Linux agents.

Configure the facilities you want to collect and their severities.

Under workspace advanced settings Configuration, select Data and then Syslog. Select Apply below configuration to my machines and select the facilities and severities.

Configure and connect the Symantec Endpoint Protection

Follow these instructions to configure the Symantec Endpoint Protection to forward syslog.
