Showing results for 
Search instead for 
Did you mean: 

Symantec DLP

Does anyone have Symantec DLP configured as a data source? If so, is it parsing correctly by default, or did you have to write a custom parser for it to parse correctly? I have it configure as a data source, but all events are showing "umknown" even though the data appears to be getting parsed. Support is telling me I need to either submit a PER or write a custom parser to correct this.


3 Replies

Re: Symantec DLP

No info here yet, I'm about to add ours in as a data source next week. I will follow up with you after.  Until then, is there any documentation about getting it setup in the SIEM, I'm not familiar with the DLP application itself at all.

Re: Symantec DLP


You can find the configuration documentation here:


Re: Symantec DLP


Can you share the guide for integration of Symantec DLP with mcafee siem and screenshot of added data data source we need to make any changes on Symantec DLP side to achieve this ????

Thanks in advance.....

More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator