Assuming your SESC subscription is the cloud console setup, those are the ICDm and ICDm-EDR Incidents collectors. You add the Application API in the console, and provide the resulting details to the Collector. The ICDm is what the cloud console for SES Complete is called, so those are the correct collectors to use for ICDx.
Original Message:
Sent: Jul 25, 2022 02:43 PM
From: Laercio Benedito Sivali De Sousa - ETIR
Subject: Is there a specific collector for SESC (Symantec Endpoint Security Complete)?
I've just set up an ICDx 1.4.5-930 server with the purpose of collecting logs from our SESC subscription and redirecting them to our SIEM solution. Although there are indeed some SESC-related files in the ICDx installation folder, I'm unable to find a specific configuration entry for a SESC collector in my ICDx portal.
Will it be enabled in a near update? While it's not available, should I use the current ICDm / ICDm-EDR-Incidents collectors?