mnr-hmm closed 2 years ago
This script is used to parse SEP (Symantec Endpoint Protection) log files to a list of JSONs.
The script in its current version parses the following log files:
Security log (seclog.log)
System log (syslog.log)
Firewall Traffic log (tralog.log)
Firewall Packet log (rawlog.log)
Application and Device Control log (processlog.log)
AV Management plugin log (AVMan.log)
I would also recommend adding in the output from ccSubSDK. There is a ton of useful information in there also. :)
Thank you for the contribution.