Hello experts,I am new to McAfee ESM. I want to create some rules related to SEPM. But I am not getting the relevant fields. For example, I want to write a rule with a field name "Risk Name In WSReputation". I am not getting that field in the drop down. Do we have any relevant fields in ESM.
Can anyone please help me in getting the relevant fields that can be used for writing different rules for Antivrus logs.
Any inputs are welcome. Thanks in advance.
You have to create a Custom Type for that field "Risk Name In WSReputation" and then you can use it in rule creation.
System Configuration -> Custom Types -> Add
Make sure not to use the same custom field on two fields in the same rule. So pick the events field of "Risk Name In WSReputation" with extra care.
Where can we create a new Custom Type. I dont see any field in System Properties. There is one Custom Settings tab, but there is no option to add any fields.Can you please help. We are using 9.6.0.