you could do a host integrity scan on the follwing registry key:
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Symantec\Symantec Endpoint Protection\CurrentVersion\public-opstate\InstallType == 2
or
HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\Symantec Endpoint Protection\DarkNetwork == 1
those should be dark network clients, you can then export the list in the compliance logs on the manager.
You can also search through the client groups and search for all dark network, vdi, standard cllients like this: Install Type = Dark network
and export this list.
not really comfortable but should do it.