Use https://seceonhelp.freshdesk.com/support/login to access updated Knowledge Base Articles, Submit Technical Support Tickets and Review Status of submitted support tickets.
Device Integration: Symantec Endpoint Security/Protection
Overview
Symantec Endpoint Security/Protection is a cloud-based device which is added to the UI using an API calls. This document will help you with the steps to ingest the Symantec Endpoint Security/Protection with Seceon SIEM to have better visibility of threats happening in your environment.
Steps Of Configuration
To add Symantec Endpoint Security/Protection support, Follow the steps that are mentioned below.
Enter the name of the device
Enter the CCE IP
Refer to Get your bearer token section to generate the client id and client secret key -
Now enter the generated Client ID in Access ID/user name and Client Secret in the password/Secret Key section
Now in valid JSON Format in the last field, not need to put JSON ( only Add- {} )
Click on the Save button
Verification
Going to the System tab, we will check that we are seeing Symantec Endpoint Security/Protection.
Seceon Inc. All rights reserved. https://www.seceon.com