Skip to content
/ audit2Splunk Public

Example of sending the Symantec DLP Audit trail events to Splunk for consolidation, reporting, correlation, long-term archival, and other relevant use cases.

0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

dlparchitect/audit2Splunk

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
README.md
README.md
 
 
audit2Splunk.py
audit2Splunk.py
 
 

Repository files navigation

audit2Splunk

Example of sending the Symantec DLP Audit trail events to Splunk for consolidation, reporting, correlation, long-term archival, and other relevant use cases.

PROVIDED AS-IS The code is a) an example and b) provided as-is, we do not know your computing environment so you need to assess the script’s function and performance before implementing it.

Prerequisites

  • Symantec DLP 16 RU1
  • A Symantec DLP user with API and Administrative privileges
  • audit2Splunk.py is written in Python 3.8
  • Python 3.8 Modules: json, requests, logging, datetime, timedelta
  • Splunk with HEC

Modules: json, requests, logging, datetime, timedelta

API Reference: https://apidocs.securitycloud.symantec.com/#/doc?id=auditlog

About

Example of sending the Symantec DLP Audit trail events to Splunk for consolidation, reporting, correlation, long-term archival, and other relevant use cases.

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages