cancel
Showing results for 
Search instead for 
Did you mean: 

Linux managed client not sending Threat to epo

I have setup Linux end point protection 10.2 on Redhat 7 server and configured ePO 5.10 .

Linux system setup as managed client. I did a test using below url,  immediately file got removed as expected. However event not sent to epo. 

 

 

https://kc.mcafee.com/corporate/index?page=content&id=KB59742

3 Replies
LKS McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 2 of 4

Re: Linux managed client not sending Threat to epo

Hi RageshMoorkoth,

I see that you are using ENSLTP 10.2 which is very old. Firstly i would recommend you to upgrade to latest version. What is the Agent version are you using.

Secondly coming back to the issue, event got generated on client machine but it is not sending it to ePO.

Things to check : 

* Did you check the target machine in ePO under Threat event log. Do you see the machine with Threat event details.

* Are there any events lying under <ePO install directory>/DB/Events folder and also under Debug folder.

* Have your updated ENS extensions in EPO.

* Have you enabled Event ID 1278 in eventfiltering under  ePO-->server settings-->eventfiltering.

Was my reply helpful?

If you find this post useful, please give it a Kudos! Also, please don't forget to select "Accept as a Solution" if this reply resolves your query!

Re: Linux managed client not sending Threat to epo

what I have is a trial version both Epo as well as ENSLTP.   For trial only available version is 10.2.

I am setting this for  one of my client, once they happy they will go for it.  I should be able to show them  how reporting /dashboard etc works. I am new to this tool. learning things  slowly. 

 

 

Did you check the target machine in ePO under Threat event log. Do you see the machine with Threat event details. :

Ans : I have checked . not showing any threat in the event log. 

Are there any events lying under <ePO install directory>/DB/Events  :

Ans: No events. However I see an empty directory under /DB/Event/unknown. 

Have your updated ENS extensions in EPO :

Ans :not updated or installed any plugin. only default available.

Have you enabled Event ID 1278 in eventfiltering under ePO-->server settings-->eventfiltering. :

Ans: yes.  I see this enabled. 

 

 

LKS McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 4 of 4

Re: Linux managed client not sending Threat to epo

Welcome to McAfee club. So going through your response seems there is no ENS extension checked in.

Ans :not updated or installed any plugin. only default available.

Can you confirm if ENS extension is checkedin. Goto EPo-->menu-->extension-->search for Endpoint security

If it is not present, then go to software manager-->evaluation-->search for endpoint security and search for extension-->checkin.

You might see ENS 10.2 bundle on the same page, you can check in the entire bundle which will contains package and extensions.

What is the Agent version have you installed on client machine.

Was my reply helpful?

If you find this post useful, please give it a Kudos! Also, please don't forget to select "Accept as a Solution" if this reply resolves your query!

You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community