This add-on provides the CIM-compatible knowledge to use with other Splunk apps, such as Splunk Enterprise Security and the Splunk App for PCI Compliance.

get device info: Get information about an endpoint. remove tag: Remove a tag from the endpoint. test connectivity: Validate connectivity to McAfee ePO.

Important: Splunk is also supported for Managed Service Provider (MSP) environments.

This add-on provides the inputs and CIM-compatible knowledge to use with other Splunk Enterprise apps, such as Splunk Enterprise Security and the Splunk App for PCI Compliance.

Download the Splunk Add-on for McAfee ePO Syslog from Splunkbase.

For a summary of new features, fixed issues, and known issues, see Release Notes for the Splunk Add-on for McAfee ePO Syslog.

For information about installing and configuring the Splunk Add-on for McAfee, see Install the Splunk Add-on for McAfee ePO Syslog.

This app integrates with an instance of McAfee ESM to perform investigative and ingestion actions.

The Splunk Add-on for McAfee Web Gateway allows a Splunk software administrator to collect logs from a McAfee Web Gateway appliance using syslog.

This app implements various endpoint-based investigative and containment actions by integrating with McAfee ePO.

You can then directly analyze the data or use it as a contextual data feed to correlate with other security data in Splunk.

The Splunk Add-on for McAfee NSP will allow a Splunk software administrator to collect Alert events, Audit Events, Firewall Access Events and Fault Events. The new app comes with a dashboard and corresponding data models.

The Splunk Add-on for McAfee ePO Syslog lets a Splunk Enterprise administrator collect anti-virus information via Syslog. Event types can be identified in the analyzertype key (threat or incident).

Splunk Add-on for McAfee ePO Syslog Version