cancel
Showing results for 
Search instead for 
Did you mean: 
edr1
Level 7
Report Inappropriate Content
Message 1 of 4

HIPs List Events KB

Jump to solution

Hello,

Is there an updated KB for HIPs that lists events supported by EPO 4.X and 5.X? To be more specific, I am looking for something that lists severity level. Below is an example:

http://kc.mcafee.com/corporate/index?page=content&id=KB54677

The one I was able to fine is the following:

http://kc.mcafee.com/corporate/index?page=content&id=KB65559&actp=search&viewlocale=en_US&searchid=1...

Can someone please assist?

Thanks in advance

1 Solution

Accepted Solutions
McAfee Employee ktankink
McAfee Employee
Report Inappropriate Content
Message 4 of 4

Re: HIPs List Events KB

Jump to solution

KB65559 applies to ePO 5.x as well. Updating that KB to include ePO 5.x.

KB65559 - List of the McAfee Host Intrusion Prevention 7.0 / 8.0 events supported by ePO 4.x

https://kc.mcafee.com/corporate/index?page=content&id=KB65559

  • HIPS Event ID severity does not equal HIPS Signature severity.
  • HIPS Signature severities are found within the IPS Rules policy, or exported per KB55119.
3 Replies
Highlighted

Re: HIPs List Events KB

Jump to solution

This is a good one:

https://kc.mcafee.com/corporate/index?page=content&id=KB55119

Run the query and dump all the signatures in your DB. You'll have to run it everytime a HIPS Content Update is released to get the most up to date changes.

Message was edited by: greatscott on 12/4/13 2:50:57 PM CST
edr1
Level 7
Report Inappropriate Content
Message 3 of 4

Re: HIPs List Events KB

Jump to solution

I think this sums it up. Thank you  gents

Message was edited by: edr1 on 12/4/13 3:02:38 PM CST
McAfee Employee ktankink
McAfee Employee
Report Inappropriate Content
Message 4 of 4

Re: HIPs List Events KB

Jump to solution

KB65559 applies to ePO 5.x as well. Updating that KB to include ePO 5.x.

KB65559 - List of the McAfee Host Intrusion Prevention 7.0 / 8.0 events supported by ePO 4.x

https://kc.mcafee.com/corporate/index?page=content&id=KB65559

  • HIPS Event ID severity does not equal HIPS Signature severity.
  • HIPS Signature severities are found within the IPS Rules policy, or exported per KB55119.
More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator