Description

This NetIQ Sentinel Collector provides data-capture capabilities for Symantec Endpoint Protection and related products. Sentinel must be installed and operational before attempting to use this Collector. For further information, refer to the full Symantec Endpoint Protection Collector documentation.

Supported Product Versions: Symantec Endpoint Protection 14.x, Symantec Endpoint Protection 12.x
Connection Method(s): SYSLOG, FILE, DATABASE

Releases

Release: Symantec Endpoint Protection 2011.1r5 Beta
Size: 5.1 MB
Date: May 25, 2021
Product compatibility: Sentinel Version 8.4
Release notes

2011.1r5
  • The collector has been modified to parse newly added fields in the latest version of Symantec Endpoint Protection. (Bug# 1085282)
  • Fixed parsing issues for Virus events. (Bug# 1101347)
  • Fixed parsing issues. (Bug# 1103555)
  • Modified the queries and fixed the offset issue. (Bug# 1102536)
  • Fixed parsing issues. (Bug# 121007)
2011.1r4
  • Support added for Symantec Endpoint Protection 14.x
  • The collector has been modified to parse Observer host name information (Bug# 995706)
  • The collector has been modified to parse proper event names instead of "Agent System Event". (Bug# 827339)
  • Added support for the category set, category type and last update time fields in Virus Found events. (Bug# 979733)
2011.1r3
  • Added support for Firewall and IPS logs.
  • Optimized the code for syslog connection method for better performance.
  • Bug# 953882: Modified the Collector to parse ObserverHostName correctly.
  • Bug# 855669: Modified the Collector to parse the Support Virus Found and Scanning attempts events.
  • Bug# 874448: Modified the Collector to define the taxonomy for Security risk found event.
  • Bug# 891796: Modified the Collector to show the severity correctly in Database Connection Mode.
  • Bug# 940482: Modified the Collector to normalize the HostName values into lower case letters.
  • Bug# 854219: Modified the Collector to parse the FileName properly for Security risk found event.
  • Bug# 824527: Modified the sqlquery.base file to use AlertInserTime instead of AlertDateTime as offset.
2011.1r2
  • The Collector now supports Symantec Endpoint Protection 12.1.
  • Database support has been added for the Symantec Endpoint Protection Manager 11 and 12.
2011.1r1
  • The Collector now supports Agent Manager Connector.
  • Fixed taxonomies for Load/Unload events.
  • Enhanced parsing for "Virus found" events, taxonomy is set based on Action taken.
6.1r3
  • Syslog support has been added for the Symantec Endpoint Protection Manager 11.
  • Removed supporting script files to copy log files from device to Sentinel machine.
  • Bug# 582547: Fixed an issue where the DeviceEventTimeString field was not being properly set.
  • Bug# 576172: Enhanced reporting of EventName for unrecognized or unsupported events.
  • Bug# 550659: Corrected an issue with the "Custom" execution mode which prevented proper initialization of the custom code.
  • Bug# 649536: Fixed an issue where a spurious critical error message was generated when Collectors are stopped.
  • Bug# 649519: Fixed an issue where debug JSON files were mis-named.
  • Bug# 622912: Modified report queries to optimize performance.
6.1r2
  • Updated the connection methods to support the latest File Connector.
6.1r1
  • Converted the legacy Symantec AntiVirus 10 Collector to JavaScript and updated it to the 6.1 template.
  • Added support for Symantec Endpoint Protection 11.
Languages: English
Release: Symantec Endpoint Protection 2011.1r4
Size: 5.0 MB
Date: Dec 22, 2020
Product compatibility: Sentinel Version 8.4
Release notes

2011.1r4
  • Support added for Symantec Endpoint Protection 14.x
  • The collector has been modified to parse Observer host name information (Bug# 995706)
  • The collector has been modified to parse proper event names instead of "Agent System Event". (Bug# 827339)
  • Added support for the category set, category type and last update time fields in Virus Found events. (Bug# 979733)
Languages: English
