cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Highlighted
paul.k
paul.k
Level 10
Report Inappropriate Content
Message 1 of 5
‎04-28-2017 06:56 AM

Does anyone one know how to filter by event count?

Jump to solution

Dear community,

I am trying to generate some reports where I pick out a source or destination IP when a certain event count threshold is met

For example

all source IP addresses greater than 1000 Total Event count .

While I see more than one way to display this data, i can't find a way to create a report, or a view to display this data with the filter in mind.

Does any one have any clue if this is even possible?

Thanks

0 Kudos
Reply
1 Solution

Accepted Solutions
andy777
McAfee Employee andy777
McAfee Employee
Report Inappropriate Content
Message 2 of 5
‎05-08-2017 04:25 AM

Re: Does anyone one know how to filter by event count?

Jump to solution

Have you considered creating correlation rules for the thresholds and reporting on those events when they fire?

0 Kudos
Reply
4 Replies
andy777
McAfee Employee andy777
McAfee Employee
Report Inappropriate Content
Message 2 of 5
‎05-08-2017 04:25 AM

Re: Does anyone one know how to filter by event count?

Jump to solution

Have you considered creating correlation rules for the thresholds and reporting on those events when they fire?

0 Kudos
Reply
paul.k
paul.k
Level 10
Report Inappropriate Content
Message 3 of 5
‎05-08-2017 06:55 AM

Re: Does anyone one know how to filter by event count?

Jump to solution

I did but I am trying to avoid creating unnecessary correlation hits.

It's also not quite what I am looking for.

Good Idea though. I might just have to consider doing that in historical mode.

0 Kudos
Reply
paul.k
paul.k
Level 10
Report Inappropriate Content
Message 4 of 5
‎05-17-2017 12:03 PM

Re: Does anyone one know how to filter by event count?

Jump to solution

Andy,

I figured that out in the last a few days ago.

Been meaning to reply.

Thanks,

0 Kudos
Reply
cristianradu
cristianradu
Level 8
Report Inappropriate Content
Message 5 of 5
‎03-27-2019 09:55 AM

Re: Does anyone one know how to filter by event count?

Jump to solution

 How did you managed to filter based on event count?

0 Kudos
Reply
More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator

    • Community Help Hub

      New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

    • Find Forum FAQs
    • Learn How to Earn Badges
    • Ask for Help
    Go to Community Help

    Join the Community

      Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

    • Get helpful solutions from McAfee experts.
    • Stay connected to product conversations that matter to you.
    • Participate in product groups led by McAfee employees.
    Join the Community
    Join the Community


    Corporate Headquarters
    2821 Mission College Blvd.
    Santa Clara, CA 95054 USA

    Consumer Support   |   Enterprise Support   |   McAfee.com

    Legal   |   Privacy   |   Copyright © 2019 McAfee, LLC