cancel
Showing results for 
Search instead for 
Did you mean: 
edr1
Level 7

HIPs List Events KB

Jump to solution

Hello,

Is there an updated KB for HIPs that lists events supported by EPO 4.X and 5.X? To be more specific, I am looking for something that lists severity level. Below is an example:

http://kc.mcafee.com/corporate/index?page=content&id=KB54677

The one I was able to fine is the following:

http://kc.mcafee.com/corporate/index?page=content&id=KB65559&actp=search&viewlocale=en_US&searchid=1...

Can someone please assist?

Thanks in advance

0 Kudos
1 Solution

Accepted Solutions
McAfee Employee

Re: HIPs List Events KB

Jump to solution

KB65559 applies to ePO 5.x as well. Updating that KB to include ePO 5.x.

KB65559 - List of the McAfee Host Intrusion Prevention 7.0 / 8.0 events supported by ePO 4.x

https://kc.mcafee.com/corporate/index?page=content&id=KB65559

  • HIPS Event ID severity does not equal HIPS Signature severity.
  • HIPS Signature severities are found within the IPS Rules policy, or exported per KB55119.
3 Replies
greatscott
Level 12

Re: HIPs List Events KB

Jump to solution

This is a good one:

https://kc.mcafee.com/corporate/index?page=content&id=KB55119

Run the query and dump all the signatures in your DB. You'll have to run it everytime a HIPS Content Update is released to get the most up to date changes.

Message was edited by: greatscott on 12/4/13 2:50:57 PM CST
edr1
Level 7

Re: HIPs List Events KB

Jump to solution

I think this sums it up. Thank you  gents

Message was edited by: edr1 on 12/4/13 3:02:38 PM CST
0 Kudos
McAfee Employee

Re: HIPs List Events KB

Jump to solution

KB65559 applies to ePO 5.x as well. Updating that KB to include ePO 5.x.

KB65559 - List of the McAfee Host Intrusion Prevention 7.0 / 8.0 events supported by ePO 4.x

https://kc.mcafee.com/corporate/index?page=content&id=KB65559

  • HIPS Event ID severity does not equal HIPS Signature severity.
  • HIPS Signature severities are found within the IPS Rules policy, or exported per KB55119.