Symantec Endpoint Protection SEPv11
Many thanks for submitting your request, SEP 11 is a frequent asked Event Source.
We are planning support for Symantec SEP V11 Fall 08 via a new innovative delivery mechanism.
More details soon
Many thanks and keep these questions coming.
Good catch. I've been finding that our reports haven't quite worked as well in 10 than in 11.This was my SQL for a report to just show just the basic information about what has been detected.
VirusName NOT LIKE ''
Has anyone been able to get logs for any of the IPS type of alerts? I have all the security logging enabled in the console but it still hasn't been sent to envision, even in the raw log format. Still researching it though.
Bump. Anyone able to create any IPS or in the SEP world, "network threat protection" type of reports at all? I actually get the raw IDS, or NTP event, but can never get it to show up in EE or parse it for any report.