Welcome to the new Splunkbase! To return to the old Splunkbase, click here.
TA-Symantec Mail Gateway app icon

TA-Symantec Mail Gateway

This Splunk Technology Add-on (TA) enables parsing and normalization of logs from Symantec Mail Gateway (SMG) systems. It extracts structured fields from raw syslog data and assigns appropriate sourcetypes for accurate categorization and analysis in Splunk and assign sourcetype=symantec:mg:syslog, as default to all the incoming data. The TA supports multiple components of Symantec Mail Gateway including: bmserver – Verdicts, TrackerIDs, Attachments, Quarantine actions ecelerity – Email delivery, ORCPTS, TRACKERID, TRANS_FAILURE, DELIVERY_FAILURE audit – Quarantine Delete/Release events quarantine – Spam quarantine summary logs brightmail – Watchdog, URLAnalyzer, Spamhunter dns – Named (BIND) resolver responses system – CROND, rsyslogd-pstats, cron jobs mail – Message views by users (AuditEventLogManager) auth – Sudo session opens/closes syslog – Miscellaneous default logs.

Built by ARAFAT MALIK
splunk product badge

Latest Version 1.0.0
April 14, 2025
Compatibility
Not Available
Platform Version: 9.4, 9.3, 9.2, 9.1, 9.0, 8.2, 8.1, 8.0, 7.3, 7.2, 7.1, 7.0
CIM Version: 6.x, 5.x, 4.x, 3.x
Rating

0

(0)

Log in to rate this app
Support
TA-Symantec Mail Gateway support icon
Developer Supported addon
Learn more
Ranking

#28

in Email
This Splunk Technology Add-on (TA) enables parsing and normalization of logs from Symantec Mail Gateway (SMG) systems. It extracts structured fields from raw syslog data and assigns appropriate sourcetypes for accurate categorization and analysis in Splunk and assign sourcetype=symantec:mg:syslog, as default to all the incoming data. The TA supports multiple components of Symantec Mail Gateway including: bmserver – Verdicts, TrackerIDs, Attachments, Quarantine actions ecelerity – Email delivery, ORCPTS, TRACKERID, TRANS_FAILURE, DELIVERY_FAILURE audit – Quarantine Delete/Release events quarantine – Spam quarantine summary logs brightmail – Watchdog, URLAnalyzer, Spamhunter dns – Named (BIND) resolver responses system – CROND, rsyslogd-pstats, cron jobs mail – Message views by users (AuditEventLogManager) auth – Sudo session opens/closes syslog – Miscellaneous default logs.

Categories

Created By

ARAFAT MALIK

Type

addon

Downloads

5

Resources

Login to report this app listing