cancel
turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
jkbharrison
jkbharrison
Level 7
Report Inappropriate Content
Message 1 of 5
‎06-26-2018 10:14 AM

Exploit Prevention Events - not showing all events

Hello,

I have several systems generating EP events, but they are not displaying under Reporting --> Exploit Prevention Events. The last event to be reported was 05/30/18, but events on the client are being generated every day since. Any ideas?

 

 

2 people had this problem.
0 Kudos
Reply
4 Replies
denn
denn
Level 9
Report Inappropriate Content
Message 2 of 5
‎06-26-2018 10:05 PM

Re: Exploit Prevention Events - not showing all events

Have you tried to reinstall McAfee agent ? I have same issue, Agent communicating with ePO, receiving tasks but not reporting any events to ePO, After Agent reinstall issue was resolved.

0 Kudos
Reply
jkbharrison
jkbharrison
Level 7
Report Inappropriate Content
Message 3 of 5
‎06-27-2018 11:06 AM

Re: Exploit Prevention Events - not showing all events

Reinstalling the agent doesn't resolve the issue. Clients are sending events to ePO successfully, but Menu --> Exploit Prevention Events does not show any of the events after 5/30. If I create a manual query I can view all EP events. Furthermore, I receive an error when attempting to open any event currently under Menu --> Exploit Prevention Events. 

0 Kudos
Reply
kamranshakil77
kamranshakil77
Level 9
Report Inappropriate Content
Message 4 of 5
‎07-18-2018 04:46 PM

Re: Exploit Prevention Events - not showing all events

Did you validate if all events are being sent back to EPO. This can be done manually on the endpoint.


Also are you using default settings which only gather 'HIGH' mcafee-defined messages. There are stilll a plethora of messages classfied as 'LOW' and 'MEDIUM' which are not ticked/checked by default. Please take a look there in the configuration section and check the endpoint message uploads again from endpoint to the EPO.

0 Kudos
Reply
andy_judge
andy_judge
Level 10
Report Inappropriate Content
Message 5 of 5
2 weeks ago

Re: Exploit Prevention Events - not showing all events

The issue is the events are appearing under the Threat Events section of the machine record in ePO just not appearing in the 'Exploit Prevention Events' section in the console.

So the events are reported in ePO & present in the DB somewhere, just not in the area that makes the creation of new exclusions simple.

 

 

 

0 Kudos
Reply
Member Rewards
McAfee Community rewards active and helpful members just like you. Click here to take a look at the first community members who received a special reward and were recognized by McAfee leader, Aneel Jaeel, for their participation and trusted knowledge in the community.