I tried add McAfee Email Gateway as data soure but not success:
- at ENMELM , i add data source :
- At McAfee Email Gateway , i config :
Can i help me ?
Did you tray to use tcpdump on the receiver?
ssh on ERC -> for example: tcpdump -i eth0 host 192.168.0.1
If the data are receiving by ERC than try to use add MEG via autolearn
I tried do it as you talk but not recive .
I see at via ssh : tcpdump is not see data at email gateway send to ERC ,
Message was edited by: lichnt on 6/13/13 9:31:55 PM CDT
Did you write the settings on the receiver?
What is the problem you are having exactly? You aren't seeing the logs in an ESM view? Did you write the settings to the receiver?
Or they aren't being sent to the ELM?
Also, all your packets show a length of 0. Do you actually have email gateway traffic? Use the TCPDUMP switch -n and -A and see if any logs come through.
Mcafee MEG use syslog (UDP port 514)
Try configuring the McAfee MEG like the picture below:
Also, the Mask should be 32 because is just a device.