SNS ProTip for SIEM: How to create a notification when a specific signature triggers

Version 1

    Administrators may need to be notified of a specific event or send an alert to a monitoring station via SNMP or syslog. You can configure the Enterprise Security Manager (ESM) to generate notifications for many conditions, including alert rate, deviation from baseline, and time of day.

    For instructions on how to create a notification when a specific event occurs, see KB74682 (https://kb.mcafee.com/corporate/index?page=content&id=KB74682).

     

    For more resources, visit the McAfee KnowledgeBase http://support.mcafee.com and search for SIEM-related KBs and visit the McAfee SIEM Community https://community.mcafee.com/community/business/siem.

     

    To help you maximize your SIEM deployment, McAfee SNS ProTips deliver troubleshooting, best practices and how-to tips with links in-depth KnowledgeBase resources. To unsubscribe from ProTips or change your SNS settings, visit the SNS Subscription Center https://sns.snssecure.mcafee.com/content/signup_login/ .