The 'normal' SEP TA (https://splunkbase.splunk.com/app/2772/) is for use with other ingestion methods and will not work with the log format you get from Symantec's syslog output.
Have a look at the specific SEP TA for use with syslog input: https://splunkbase.splunk.com/app/3121/
Make sure Kiwi writes the log messages in a format that matches what the TA expects. The downside of Kiwi is that, as far as I know, it does not support writing the original full raw syslog message, but hopefully it has an output format that is suitable. If not, you may have to customize the TA a bit to make it work properly (or consider moving away from Kiwi, but that is a separate discussion).
Also, what exact Symantec app are you using for the dashboards you mention?