Refine your search:

Symantec Security Information Manager (SSIM) Migration

1

We are looking at migrating some of our SSIM rules to Splunk saved/scheduled/realtime searches. I was wondering if anyone else has done this?

I had some concerns over the SSIM 'Tracking Keys' and rule types. If anyone has done a migration from Symantec SSIM to Splunk, please PM me.

Thanks

Troy

asked 25 Aug '11, 13:50

troywollenslegel's gravatar image

troywollensl...
392
accept rate: 10%

Be the first one to answer this question!
toggle preview

Follow this question

Log In to enable email subscriptions

RSS:

Answers

Answers + Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "Title")
  • image?![alt text](/path/img.jpg "Title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

learn more about Markdown

Tags:

×7

Asked: 25 Aug '11, 13:50

Seen: 725 times

Last updated: 25 Aug '11, 13:50

Related questions

Field Extraction for Symantec Mail Security for SMTP

Symantec Endpoint Reporting App (SEP) Installation

Symantec Endpoint Protection

Symantec Endpoint Protection 12 App

IT Security Guys - What are YOU using splunk to display?

Looking to filter out C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan events

How to get "Computer Name: " to appear as the dest_nt_host field in SplunkforSymantec

license information

Symantec Endpoint Protection (SEP) firewall logs

Copyright © 2005-2012 Splunk Inc. All rights reserved.