Latest Version 1.0.0
April 14, 2025
Welcome to the new Splunkbase! To return to the old Splunkbase, click here.
TA-Symantec Mail Gateway
This Splunk Technology Add-on (TA) enables parsing and normalization of logs from Symantec Mail Gateway (SMG) systems. It extracts structured fields from raw syslog data and assigns appropriate sourcetypes for accurate categorization and analysis in Splunk and assign sourcetype=symantec:mg:syslog, as default to all the incoming data.
Built by
Compatibility
Not Available
Platform Version: 10.0, 9.4, 9.3, 9.2, 9.1, 9.0, 8.2, 8.1, 8.0, 7.3, 7.2, 7.1, 7.0
CIM Version: 6.x, 5.x, 4.x, 3.x
Rating
0
(0)
Log in to rate this app
Support
Developer Supported addon
Ranking
#27
in Email
This Splunk Technology Add-on (TA) enables parsing and normalization of logs from Symantec Mail Gateway (SMG) systems. It extracts structured fields from raw syslog data and assigns appropriate sourcetypes for accurate categorization and analysis in Splunk and assign sourcetype=symantec:mg:syslog, as default to all the incoming data.
The TA supports multiple components of Symantec Mail Gateway including:
bmserver – Verdicts, TrackerIDs, Attachments, Quarantine actions
ecelerity – Email delivery, ORCPTS, TRACKERID, TRANS_FAILURE, DELIVERY_FAILURE
audit – Quarantine Delete/Release events
quarantine – Spam quarantine summary logs
brightmail – Watchdog, URLAnalyzer, Spamhunter
dns – Named (BIND) resolver responses
system – CROND, rsyslogd-pstats, cron jobs
mail – Message views by users (AuditEventLogManager)
auth – Sudo session opens/closes
syslog – Miscellaneous default logs.
Categories
Created By
ARAFAT MALIK
Type
addon
Downloads
128
Licensing
Splunk Answers
Resources
Log in to report this app listing