SIEM Foundations: Performing a Manual Rules Update

Version 3

    For SIEM deployments that do not have access to the public Internet from which to download new rules, a manual rule update can be performed using the following steps.

    1. Download the appropriate rule update file from the McAfee products website.
      McAfee [Customer/Partner/SE] Resources – SIEM – MFE Nitro Rules Downloads
      NOTES:
      • Rule updates are version-specific.
      • Make certain to download the rules update file for your version of McAfee SIEM.
      • GTI subscription updates can only be downloaded via the automated rules update process and cannot be manually updated.
    2. From the Rules and Software window, click the Manual Update button. A file upload window will open.
    3. Next, browse to the location of the rule update file from Step 1 and click Upload.
      Manual-Rule-Update circle.png
    4. When the rule update has completed you may see the following pop-up dialog window:

      Rules-Downloaded.png

      NOTE: This dialog may also appear upon future logins to the SIEM after rule updates have been recently applied.

       

      To confirm the last successful update of new rules, check the status on the ESM System Properties window.

      Rules-and-Software-Status2circle.png

     

    « previousoutlinenext »