You can use client scripts to integrate Symantec Endpoint Protection (SEP) with other reporting and monitoring applications, such as Splunk or a Syslog Server. These scripts export event data from SEP thus allowing you to import them into a third-party application. This event data can be consumed through the prebuilt dashboard for further monitoring and analysis.
Follow these steps to import events data into any third-party application.
Add a new client application to the cloud console
In the SEP Cloud console, go to Integration > Client Applications tab, and press Add Client Application.
In the Add Application window, type the name of the application and press Add.
The new application is listed with the client ID and client secret.
Press Show to display the client secret. Make a note of the following values, which are required to generate an authentication token:
Use REST API calls to authorize and export event data