cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted

Endpoint Security for Mac Firewall log files

Jump to solution

Hi,
Where can we find the firewall log files for ENS for MAC for troubleshooting firewall issues?
Policy to log blocked/allowed event seems to be applied to windows only.
Is there no firewall log file available for MAC Like we have locally on Windows VSE (McAfeeFireLog.txt)?
If not how can we troubleshoot firewall blocking issues?

2 Solutions

Accepted Solutions
McAfee Employee jess_arman
McAfee Employee
Report Inappropriate Content
Message 2 of 4

Re: Endpoint Security for Mac Firewall log files

Jump to solution

@User18961099 There is not a basic FW log for Mac systems. You can review the available features and limitations of the Mac version vs the Windows version of ENSFW in KB89124 and KB85006.

In order to troubleshoot ENSFW for Mac issues, you must first enable debug logging for the firewall in your Endpoint Security Common Options policy. Then, the debug firewall information will get logged into /var/log/system.log with line flags of MFE_FW.

 

Was my reply helpful?

If this information was helpful in any way, or answered your question, will you please select "Accept as Solution" in my reply, or give kudos as appropriate, so together we can help other members?

McAfee Employee chealey
McAfee Employee
Report Inappropriate Content
Message 4 of 4

Re: Endpoint Security for Mac Firewall log files

Jump to solution

Using the "console" is the easiest way to review the logs on a MAC. It is very different to Windows. We have no control over how the OS decides to control their logging, we (McAfee) hook into what is required from us by the OS.

You can copy data from the logs to a text file, if you want to export to review on your Windows machine . First, click Edit > Select All to select all the messages on the current screen. Next, click Edit > Copy to copy them to your clipboard.

Next, open the TextEdit application—for example, by pressing Command+Space, typing “TextEdit,” and pressing “Enter.” Create a new document and then select Edit > Paste to paste the messages into the text file. Click File > Save to save your text file afterwards. This file can then be copied to your Windows machine. Hope this helps a bit!

Was my reply helpful?
If this information was helpful in any way, or answered your question, will you please select "Accept as Solution" in my reply, or give kudos as appropriate, so together we can help other members?
3 Replies
McAfee Employee jess_arman
McAfee Employee
Report Inappropriate Content
Message 2 of 4

Re: Endpoint Security for Mac Firewall log files

Jump to solution

@User18961099 There is not a basic FW log for Mac systems. You can review the available features and limitations of the Mac version vs the Windows version of ENSFW in KB89124 and KB85006.

In order to troubleshoot ENSFW for Mac issues, you must first enable debug logging for the firewall in your Endpoint Security Common Options policy. Then, the debug firewall information will get logged into /var/log/system.log with line flags of MFE_FW.

 

Was my reply helpful?

If this information was helpful in any way, or answered your question, will you please select "Accept as Solution" in my reply, or give kudos as appropriate, so together we can help other members?

Re: Endpoint Security for Mac Firewall log files

Jump to solution

 Hi,

Thanks for you tip. I can see the Firewall logs in the device log (and not system.log)  a prefix - MFE_SFW in MAC App "Console" but these are not readable like windows firewall logs. I suppose it's as designed. Also don’t know how to export them. There is nothing in  /var/log/system.log with prefix

Device logs in Console 

mac_console.JPG

McAfee Employee chealey
McAfee Employee
Report Inappropriate Content
Message 4 of 4

Re: Endpoint Security for Mac Firewall log files

Jump to solution

Using the "console" is the easiest way to review the logs on a MAC. It is very different to Windows. We have no control over how the OS decides to control their logging, we (McAfee) hook into what is required from us by the OS.

You can copy data from the logs to a text file, if you want to export to review on your Windows machine . First, click Edit > Select All to select all the messages on the current screen. Next, click Edit > Copy to copy them to your clipboard.

Next, open the TextEdit application—for example, by pressing Command+Space, typing “TextEdit,” and pressing “Enter.” Create a new document and then select Edit > Paste to paste the messages into the text file. Click File > Save to save your text file afterwards. This file can then be copied to your Windows machine. Hope this helps a bit!

Was my reply helpful?
If this information was helpful in any way, or answered your question, will you please select "Accept as Solution" in my reply, or give kudos as appropriate, so together we can help other members?
More McAfee Tools to Help You
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • Visit: Business Service Portal
  • More: Search Knowledge Articles
  • ePolicy Orchestrator Support

    • Download the new ePolicy Orchestrator (ePO) Support Center Extension which simplifies ePO management and provides support resources directly in the console. Learn more about ePO Support Center