...
Symantec Endpoint Security/Protection is a cloud-based device which is added to the UI using an API callcalls. This document will help you with the steps to ingest the Symantec Endpoint Security/Protection with Seceon SIEM to have a better visibility of threats happening in your environment.
Steps Of Configuration
...
To add
...
Symantec Endpoint Security/Protection support, Follow the steps that are mentioned below.
Enter the name of the device
Enter the CCE IP
Refer to Get your bearer token section to generate the client id and client secret key -
https://apidocs.securitycloud.symantec.com/#/doc?id=ses_auth
Now enter the generated Client ID in Access ID/user name and Client Secret in the password/Secret Key section
Now in valid JSON Format in the last field, not need to put JSON ( only Add- {} )
Click on the Save button
...