Showing results for 
Search instead for 
Did you mean: 
Reliable Contributor sssyyy
Reliable Contributor
Report Inappropriate Content
Message 1 of 4

ESM 9.6.0 MR7 Bug

Just upgraded to MR7, and found a possible bug, where inactive flag would display beside data source, while it's actively getting logs within the inactivity setting timeframe. Anyone else seeing this?

3 Replies

Re: ESM 9.6.0 MR7 Bug

I saw a similar issue, and made a similar assumption. However, while observing the messages log in real time for the 2 data-sources, it turned out to be the 2 data-sources were affected more by time change. This is in addition to the parser being changed to meet the new parameters of an up to date Cisco device.

I would recommend doing a MANUAL rule update, and a policy push to ALL devices. Thats how I fixed my issue that seems similar to yours.

Reliable Contributor sssyyy
Reliable Contributor
Report Inappropriate Content
Message 3 of 4

Re: ESM 9.6.0 MR7 Bug

Tried manual rule update and rolled policy out to all devices. But the inactive flag is still there. Mine is a Linux data source with syslog data. Which rule update did you use? I tried both below without any luck:



Level 10
Report Inappropriate Content
Message 4 of 4

Re: ESM 9.6.0 MR7 Bug

I would suggest logging a Service Request with McAfee.

More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator
  • Community Help Hub

      New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

    • Find Forum FAQs
    • Learn How to Earn Badges
    • Ask for Help
    Go to Community Help

    Join the Community

      Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

    • Get helpful solutions from McAfee experts.
    • Stay connected to product conversations that matter to you.
    • Participate in product groups led by McAfee employees.
    Join the Community
    Join the Community