SNS ProTip for SIEM: How to get packet data from an event in a Field Match Alarm

Version 1

    One of the actions that McAfee SIEM 9.x can take in the event of an alarm is to send an email with event details. There are a number of variables that can be included in the email; however, packet data is not one of the defaults. For steps detailing how to include packet data, see KB82129 - How to get packet data from an event in a Field Match Alarm (https://kc.mcafee.com/corporate/index?page=content&id=KB82129).

    For more resources, visit https://support.mcafee.com and search for SIEM-related KBs and visit the McAfee SIEM Community at https://community.mcafee.com/community/business/siem.

    To help you maximize your SIEM, McAfee SNS ProTips deliver troubleshooting, best practices and how-to tips with links in-depth KnowledgeBase resources. To unsubscribe from ProTips or change your SNS settings, visit the SNS Subscription Center at https://sns.snssecure.mcafee.com/content/signup_login