Skip to content

Hardware and software requirements for the Splunk Add-on for Symantec Endpoint Protection

To install and configure the Splunk Add-on for Symantec Endpoint, you must be member of the admin or sc_admin role.

Symantec Endpoint Protection Manager setup requirements

In order to configure your Symantec Endpoint Protection Manager to export log data to a file, you need administrative access to the manager console.

You must install the Splunk Add-on for Symantec Endpoint Protection on a forwarder or single-instance Splunk Enterprise that is installed directly on the server running Symantec Endpoint Protection Manager in order to monitor dump files.

Splunk platform requirements

Because this add-on runs on the Splunk platform, all of the system requirements apply for the Splunk software that you use to run this add-on.

  • For Splunk Enterprise system requirements, see System Requirements in the Splunk Enterprise Installation Manual.

  • If you are managing on-premises forwarders to get data into Splunk Cloud, see System Requirements in the Splunk Enterprise Installation Manual, which includes information about forwarders.