- KNOWLEDGE BASE
- DEVICE INTEGRATION
- SYMANTEC
-
START YOUR TRIAL
-
DEVICE INTEGRATION
-
CONNECTORS
-
DATA INGESTION
-
HUNTING WITH WORKBOOKS
-
DNIF Query Language (DQL Language)
-
SECURITY MONITORING
-
OPERATIONS
-
MANAGE DASHBOARDS
-
MANAGE REPORTS
-
USER MANAGEMENT & ACCESS CONTROL
-
BILLING
-
MANAGING YOUR COMPONENTS
-
GETTING STARTED
-
INSTALLATION
-
SOLUTION DESIGN
-
AUTOMATION
-
TROUBLESHOOTING AND DEBUGGING
-
LICENSE MANAGEMENT
-
RELEASE NOTES
-
API
-
POLICIES
-
SECURITY BULLETINS
-
BEST PRACTICES
-
DNIF AI
-
DNIF LEGAL AND SECURITY COMPLIANCE
Symantec ATP
Symantec Advanced Threat Protection (ATP) performs the critical security tasks that detect, protect, and respond to threats to your network.
Integration of Symantec ATP with DNIF
To forward Symantec ATP logs to DNIF Adapter make the following configuration.
- Login into Symantec ATP manager.
- To configure the default syslog server connection for all appliances, click Settings > Appliances, then click Edit Default Appliance Settings.
- To configure a custom syslog server connection for a single device, click Settings > Appliances, select the device in the Appliances list. In the Syslog section, uncheck Use default, if it is checked.
- In the Syslog panel, click +Add Syslog Server.
- In the Add Syslog Server dialog box, in the Host field, enter the IP address of the DNIF Adapter server.
- In the Protocol field, select the appropriate protocol, either UDP or TCP.
- In the Port field, enter the port on the syslog server that accepts syslog messages. (Syslog usually uses port 514.)
- Click Save.
Symantec ATP logs are now streamed to DNIF.