cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
paul.k
Level 10
Report Inappropriate Content
Message 1 of 5
‎04-28-2017 06:56 AM

Does anyone one know how to filter by event count?

Jump to solution

Dear community,

I am trying to generate some reports where I pick out a source or destination IP when a certain event count threshold is met

For example

all source IP addresses greater than 1000 Total Event count .

While I see more than one way to display this data, i can't find a way to create a report, or a view to display this data with the filter in mind.

Does any one have any clue if this is even possible?

Thanks

0 Kudos
Reply
1 Solution

Accepted Solutions
Highlighted
andy777
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 2 of 5
‎05-08-2017 04:25 AM

Re: Does anyone one know how to filter by event count?

Jump to solution

Have you considered creating correlation rules for the thresholds and reporting on those events when they fire?

View solution in original post

0 Kudos
Reply
4 Replies
Highlighted
andy777
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 2 of 5
‎05-08-2017 04:25 AM

Re: Does anyone one know how to filter by event count?

Jump to solution

Have you considered creating correlation rules for the thresholds and reporting on those events when they fire?

View solution in original post

0 Kudos
Reply
Highlighted
paul.k
Level 10
Report Inappropriate Content
Message 3 of 5
‎05-08-2017 06:55 AM

Re: Does anyone one know how to filter by event count?

Jump to solution

I did but I am trying to avoid creating unnecessary correlation hits.

It's also not quite what I am looking for.

Good Idea though. I might just have to consider doing that in historical mode.

0 Kudos
Reply
Highlighted
paul.k
Level 10
Report Inappropriate Content
Message 4 of 5
‎05-17-2017 12:03 PM

Re: Does anyone one know how to filter by event count?

Jump to solution

Andy,

I figured that out in the last a few days ago.

Been meaning to reply.

Thanks,

0 Kudos
Reply
Highlighted
cristianradu
Level 8
Report Inappropriate Content
Message 5 of 5
‎03-27-2019 09:55 AM

Re: Does anyone one know how to filter by event count?

Jump to solution

 How did you managed to filter based on event count?

0 Kudos
Reply
You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community


Corporate Headquarters
2821 Mission College Blvd.
Santa Clara, CA 95054 USA

Consumer Support   |   Enterprise Support   |   McAfee.com

Legal   |   Privacy   |   Copyright © 2019 McAfee, LLC