Showing results for 
Search instead for 
Did you mean: 

Configure log sources using hostname

Good Morning,

During a failover test, we noticed that logs from EPO stopped flowing because the SIEM was configured to collect logs based on IP address. I was wondering if there was a way to configure log collection with hostname.

If not possible, are there any alternatives that may work similarly? We do not want to have 2 seperate log sources, one that is the primary and another failover source. This will always result in at least 1 being offline at all times.

Thank You,

Scott Blasing

Labels (1)
More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator