Endpoint Detection and Response (EDR)

 View Only
Back to discussions
Expand all | Collapse all

EDR with Splunk integration

  • 1.  EDR with Splunk integration

    Broadcom Employee
    Posted Mar 24, 2020 09:46 AM
      |   view attached
    Team,

    One of our customer has integrated EDR with Splunk, and EDR is not sending all the fields or information while forwarding events to Splunk.

    Attached is the Excel sheet for the missed events.
    Below screenshot for events configured to be forwarded.



    Many Thanks in advance.

    Warm Regards,

    Robert Almeida

    Attachment(s)

    xlsx
    Symantec EDR Splunk Forwarding Logs v1.1.xlsx   11 KB 1 version