cancel
Showing results for 
Search instead for 
Did you mean: 

SNS ProTip for SIEM: Troubleshooting Issues with Events

To help you maximize your SIEM deployment, McAfee SNS ProTips deliver troubleshooting, best practices and how-to tips with links to in-depth KnowledgeBase resources.

Following are three resources to reference when troubleshooting issues with events.

  • KB82161– ESM becomes sluggish and fails to keep up with events
    If the user interface in your SIEM Enterprise Security Manager becomes sluggish and unable to keep up with events delivered from the receiver, it could be due to an incorrect RAID setting.
  • KB82132 – ESM stops displaying events for the current day
    If  your ESM stops displaying events from the current day, it could be an issue with the rules table.
  • KB82114 – Some events are not showing the Source User field in the Details tab
    If you have a number of SIEM Event Receivers working correctly, but the Source User field in the details tab of one is not visible, the StringMap table may have become corrupt. A simple change in the Last Download String Record should remedy this.

  For more resources, visit the McAfee KnowledgeBase and search for SIEM-related KBs, and visit the McAfee SIEM Community.

Version history
Revision #:
1 of 1
Last update:
‎08-25-2014 02:10 PM
Updated by:
 

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community