docs/integrations/saas-cloud/symantec-endpoint-security-service.md
3 additions & 3 deletions
@@ -231,7 +231,7 @@ The **Symantec Endpoint Security - Incidents Overview** dashboard provides a det
231
231
232
232
### Events Overview
233
233
234
-
The **Symantec Endpoint Security - Events Overview** The "Symantec Endpoint Security - Events Overview" dashboard provides a comprehensive view of endpoint security status through various widgets. These widgets display key data such as the total number of events, high severity events, suspicious files, event distribution based on severity, category, event type, EDR event type, affected endpoints, top users linked to events, top malicious files, top SHA256 of files, top affected IPs, events over time, sandbox file detection events over time, and summaries of malicious files, events, hosts, threats, and incidents with the device. The dashboard also includes information on geographic locations of affected endpoints, and helps administrators monitor, manage, and respond to security threats in real time. This enables businesses to secure endpoints and defend against a wide range of threats.<br/><img src={useBaseUrl('https://sumologic-app-data-v2.s3.us-east-1.amazonaws.com/dashboards/Symantec+Endpoint+Security+Service/Symantec-Endpoint-Security-Events-Overview.png')} alt="Symantec-Endpoint-Security-Events-Overview" width="800"/>
234
+
The **Symantec Endpoint Security - Events Overview** The "Symantec Endpoint Security - Events Overview" dashboard provides a comprehensive view of endpoint security status through various widgets. These widgets display key data such as the total number of events, high-severity events, suspicious files, event distribution based on severity, category, event type, EDR event type, affected endpoints, top users linked to events, top malicious files, top SHA256 of files, top affected IPs, events over time, sandbox file detection events over time, and summaries of malicious files, events, hosts, threats, and incidents with the device. The dashboard also includes information on the geographic locations of affected endpoints and helps administrators monitor, manage, and respond to security threats in real-time. This enables businesses to secure endpoints and defend against various threats.<br/><img src={useBaseUrl('https://sumologic-app-data-v2.s3.us-east-1.amazonaws.com/dashboards/Symantec+Endpoint+Security+Service/Symantec-Endpoint-Security-Events-Overview.png')} alt="Symantec-Endpoint-Security-Events-Overview" width="800"/>
235
235
236
236
## Create monitors for Symantec Endpoint Security app
237
237
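Review bot: the added paragraph under "Events Overview" still opens with the dashboard name twice ("The **Symantec Endpoint Security - Events Overview** The "Symantec Endpoint Security - Events Overview" dashboard provides"), so the sentence this change polishes is still broken. Keep only the bold form: "The **Symantec Endpoint Security - Events Overview** dashboard provides ...". In the same line, "in real-time" is adverbial and should remain "in real time" (the hyphenated form is for the adjective, as in "real-time monitoring"), and "incidents with the device" at the end of the widget list is unclear enough to reword while the line is being touched.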
@@ -248,7 +248,7 @@ import CreateMonitors from '../../reuse/apps/create-monitors.md';
248
248
|`High Priority or Severity Incidents Detected`| This alert is triggered when an incident is created with high priority or severity. It helps you to monitor and stop potentially harmful events that could compromise endpoint security. | Critical | Count > 0 |
249
249
|`High-Risk Threat Detected by Cynic`| This alert is triggered when a high-risk threat is detected by the cynic. It allows you to quickly identify endpoints with a high concentration of threat activity, enabling swift action to contain and remediate potential infections. | Critical | Count > 0 |
250
250
|`Hight-Severity Malicious File Detected`| This alert is triggered when a known malicious file with high severity is detected running on a device. It helps you to monitor and stop potentially harmful files that could compromise device security and network integrity. | Critical | Count > 0 |
251
-
|`Incidents Detected from Embargoed Locations`| This alert triggers when an incident is detected from a location identified as high-risk. This helps you to monitor incidents from unusual or restricted geographic locations, enhancing your ability to identify suspicious activity. | Critical | Count > 0 |
251
+
|`Incidents Detected from Embargoed Locations`| This alert is triggered when an incident is detected from a location identified as high-risk. This helps you to monitor incidents from unusual or restricted geographic locations, enhancing your ability to identify suspicious activity. | Critical | Count > 0 |
252
252
|`Sandbox Malicious File Detected`| This alert is triggered when a known malicious file is detected by the sandbox. It helps you to monitor and stop potentially harmful files that could compromise device security and network integrity. | Critical | Count > 0 |
253
253
|`Spike in Impacted Devices Count`| This alert is triggered when a spike is detected in the number of impacted devices. It helps you to monitor and stop potentially harmful devices, enhancing your ability to identify suspicious activity. | Critical | Count > 0 |
254
254
|`Unresolved Incident Aging Beyond 7 days`| This alert is triggered when an incident is created and remains unresolved for 7 days. It helps you to monitor pending incidents for an extended period, enhancing your ability to identify suspicious activity. | Critical | Count > 0 |
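Review bot: in the changed `Incidents Detected from Embargoed Locations` row, the description says the location is "identified as high-risk" while the monitor name says "Embargoed". Use one term in both places so a reader knows which location list drives the alert. The row directly above reads `Hight-Severity Malicious File Detected`; if that spelling is a docs typo and not the monitor's actual name in the app, fix it in this pass as well. The `Spike in Impacted Devices Count` row lists the same "Count > 0" trigger as every other row, which does not describe a spike; confirm the condition against the monitor definition before this table is treated as reviewed.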
@@ -263,4 +263,4 @@ import AppUpdate from '../../reuse/apps/app-update.md';
263
263
264
264
import AppUninstall from '../../reuse/apps/app-uninstall.md';