SNS ProTip for SIEM: Troubleshooting Open Platform for Security Errors with SIEM

Version 2

    To help you maximize your SIEM deployment, McAfee SNS ProTips deliver troubleshooting, best practices and how-to tips with links to in-depth KnowledgeBase resources.

    Some users operating McAfee SIEM with Open Platform for Security (OPSEC) may encounter the following issues:

    • Errors in /var/log/messages occur when the OPSEC Client cannot communicate with the Log Server
    • SIC Failure reflects a possible misconfiguration between the Check Point data source and the Check Point Log Server
    • Other OPSEC errors (ex. Opsec error. rc=-1 err=-93) may occur for a variety of reasons ranging from incorrect IP addresses to an incorrect activation key

    For information on how to solve these issues, see KB78051 - How to troubleshoot OPSEC errors with SIEM.

    For more resources, visit the McAfee KnowledgeBase and search for SIEM-related KBs and visit the McAfee SIEM Community.