
Symantec Endpoint Protection

Symantec Endpoint Protection protects user and server endpoints against viruses, malware, and other types of malicious files. CYDERES uses this information to track alerts for malicious content attempting to run on endpoint devices.

Data Types

  • Alerts

Configuration

  1. In the console, click Admin.
  2. Click Servers.
  3. Click the local site or remote site that you want to export log data from.
  4. Click Configure External Logging.
  5. On the General tab, in the Update Frequency list box, select "30 seconds".
  6. In the Master Logging Server list box, select the management server to send the logs to.
    • If you use SQL Server and connect multiple management servers to the database, specify only one server as the Master Logging Server.
  7. Check Enable Transmission of Logs to a Syslog Server.
  8. Enter the following information for the syslog server:

    Setting            Value
    Syslog Server      IP address or domain name of your CYCLOPS appliance
    Destination Port   Port number provided by CYDERES
    Log Facility       0

  9. In the Log Filter tab at the top, select all options in the "Client Logs" section.
  10. Click OK.