
Symantec Endpoint Protection

Symantec Endpoint Protection protects user and server endpoints against viruses, malware, and other types of malicious files. Cyderes utilizes this information to track alerts for malicious content attempting to run on endpoint devices.

Data Types

  • SEP

Configuration

  1. In the console, click Admin
  2. Click Servers
  3. Click the local site or remote site that log data will be exported from
  4. Click Configure External Logging
  5. On the General tab, in the Update Frequency list box, select "30 seconds"
  6. In the Master Logging Server list box, select the management server to send the logs to
    • If an SQL Server is used and multiple management servers are connected to the database, specify only one server as the Master Logging Server.
  7. Check Enable Transmission of Logs to a Syslog Server
  8. Enter the following information for the syslog server:

    Setting              Value
    Syslog Server        IP address or domain name of the CYCLOPS appliance
    Destination Port     Port number provided by Cyderes
    Log Facility         0
    Log Line Separator   LF
  9. In the Log Filter tab at the top, select all options in the "Client Logs" section

  10. Click OK
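
To confirm on the receiving side that what arrives matches the settings above (Log Facility 0, Log Line Separator LF), the following added example, which is not part of the original page or of any Cyderes or Symantec tooling, reassembles LF-delimited lines from received chunks and checks each syslog PRI value. The class and function names are hypothetical, the sample traffic is constructed rather than real SEP output, and stream-style delivery (lines split across reads) is an assumption.

```python
import re

EXPECTED_FACILITY = 0          # "Log Facility 0" from the settings table
SEPARATOR = b"\n"              # "Log Line Separator LF"
PRI_RE = re.compile(rb"<(\d{1,3})>")

class SyslogStreamChecker:
    """Reassemble LF-delimited lines from arbitrary chunks and check each PRI."""
    def __init__(self):
        self._buf = b""
        self.accepted = []     # (severity, message text)
        self.rejected = []     # (reason, raw line)

    def feed(self, chunk):
        self._buf += chunk
        # The last element is an unterminated tail; hold it until its LF arrives.
        *lines, self._buf = self._buf.split(SEPARATOR)
        for line in filter(None, lines):
            self._check(line)

    def _check(self, line):
        m = PRI_RE.match(line)
        if line.endswith(b"\r"):
            self.rejected.append(("CR before LF: separator is not LF", line))
        elif not m or int(m.group(1)) > 191:
            self.rejected.append(("missing or invalid <PRI>", line))
        else:
            # Syslog PRI = facility * 8 + severity
            facility, severity = divmod(int(m.group(1)), 8)
            if facility != EXPECTED_FACILITY:
                self.rejected.append((f"facility {facility}, expected 0", line))
            else:
                self.accepted.append((severity, line[m.end():].decode("utf-8", "replace")))

    @property
    def pending(self):
        return self._buf

# Constructed sample traffic (not real SEP output), split mid-line as a stream read would.
SAMPLE_CHUNKS = [
    b"<6>host-a app: constructed event one\n<4>host-a app: constr",
    b"ucted event two\n<134>host-b app: constructed, wrong facility\n",
    b"<5>host-a app: constructed CRLF line\r\n<3>host-a app: unterm",
]

def run_sample():
    checker = SyslogStreamChecker()
    for chunk in SAMPLE_CHUNKS:
        checker.feed(chunk)
    return checker

if __name__ == "__main__":
    c = run_sample()
    print(len(c.accepted), "accepted;", [r for r, _ in c.rejected], "pending:", c.pending)
```

A rejected line reporting a non-zero facility or a CR before the LF points back to steps 8's Log Facility and Log Line Separator values on the management server.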