![]() ![]() If it is missing, you can set it up again in the UI or you can copy the relevant stanza from $SPLUNK_HOME/etc/apps/Splunk_TA_symantec-ep/default/nf and change disabled = 1 to disabled = 0. If you have enabled the automatic updates for the malware category lookup file, but you notice that the data does not appear to be up to date, verify your automatic updates are successfully configured.Ĭheck your $SPLUNK_HOME/etc/apps/Splunk_TA_symantec-ep/local/nf on your search heads to ensure that the scripted input is in the file and enabled ( disabled = 0). Check your SPLUNKHOME/etc/apps/SplunkTAsymantec-ep/local/nf on your search heads to ensure that the scripted input is in the file and enabled ( disabled 0 ). Index=_internal source="*ta_symantec-ep.log" Malware categories are not up to date To access the internal logs produced by this add-on, run this search. If you are trying to launch or load views for this add-on and you are experiencing results you do not expect, turn off visibility for the add-on.įor more details about add-on visibility and instructions for turning visibility off, see Check if the add-on is intended to be visible or not in the Splunk Add-ons Troubleshooting topic. aftrer installation all the cisco services were failed to start. ![]() every thing was working fine unitl I installed Symantec Endpoint Protection Manager 110.0.6. ![]() This add-on does not have views and is not intended to be visible in Splunk Web. hi, I am using windows server 2008 and lms 3.2 installed. For additional resources, see Support and resource links for add-ons in Splunk Add-ons. Troubleshoot the Splunk Add-on for Symantec Endpoint Protection General troubleshootingįor troubleshooting tips that you can apply to all add-ons, see Troubleshoot add-ons in Splunk Add-ons. when I restart the server the symantec endpoint protection manager service is working and when login i get this message 'Unexpected Server Error' and when I restart the symantec protectino manager service I can't start the service and I get this message in the Event Viewer 'The semsrv service failed to start.' with event id:4098. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |