cancel
Showing results for 
Search instead for 
Did you mean: 
edr1
Level 7
Report Inappropriate Content
Message 1 of 4

HIPs List Events KB

Jump to solution

Hello,

Is there an updated KB for HIPs that lists events supported by EPO 4.X and 5.X? To be more specific, I am looking for something that lists severity level. Below is an example:

http://kc.mcafee.com/corporate/index?page=content&id=KB54677

The one I was able to fine is the following:

http://kc.mcafee.com/corporate/index?page=content&id=KB65559&actp=search&viewlocale=en_US&searchid=1...

Can someone please assist?

Thanks in advance

1 Solution

Accepted Solutions
McAfee Employee ktankink
McAfee Employee
Report Inappropriate Content
Message 4 of 4

Re: HIPs List Events KB

Jump to solution

KB65559 applies to ePO 5.x as well. Updating that KB to include ePO 5.x.

KB65559 - List of the McAfee Host Intrusion Prevention 7.0 / 8.0 events supported by ePO 4.x

https://kc.mcafee.com/corporate/index?page=content&id=KB65559

  • HIPS Event ID severity does not equal HIPS Signature severity.
  • HIPS Signature severities are found within the IPS Rules policy, or exported per KB55119.

View solution in original post

3 Replies
Highlighted

Re: HIPs List Events KB

Jump to solution

This is a good one:

https://kc.mcafee.com/corporate/index?page=content&id=KB55119

Run the query and dump all the signatures in your DB. You'll have to run it everytime a HIPS Content Update is released to get the most up to date changes.

Message was edited by: greatscott on 12/4/13 2:50:57 PM CST
edr1
Level 7
Report Inappropriate Content
Message 3 of 4

Re: HIPs List Events KB

Jump to solution

I think this sums it up. Thank you  gents

Message was edited by: edr1 on 12/4/13 3:02:38 PM CST
McAfee Employee ktankink
McAfee Employee
Report Inappropriate Content
Message 4 of 4

Re: HIPs List Events KB

Jump to solution

KB65559 applies to ePO 5.x as well. Updating that KB to include ePO 5.x.

KB65559 - List of the McAfee Host Intrusion Prevention 7.0 / 8.0 events supported by ePO 4.x

https://kc.mcafee.com/corporate/index?page=content&id=KB65559

  • HIPS Event ID severity does not equal HIPS Signature severity.
  • HIPS Signature severities are found within the IPS Rules policy, or exported per KB55119.

View solution in original post

More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator
  • Community Help Hub

      New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

    • Find Forum FAQs
    • Learn How to Earn Badges
    • Ask for Help
    Go to Community Help

    Join the Community

      Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

    • Get helpful solutions from McAfee experts.
    • Stay connected to product conversations that matter to you.
    • Participate in product groups led by McAfee employees.
    Join the Community
    Join the Community