cancel
Showing results for 
Search instead for 
Did you mean: 

How can I document ESM's policy?

Hi all,

I am looking for ANY suggestions on how to document the policies of my ESMs; for example

- values of variables

- which correlation rules are enabled, and which have alarms on them

- what filters I have created

That is, I am looking for alternatives to doing it manually.  I already know that the 'export' options in the Policy Editor are only useful for getting XML output and importing it into another SIEM. 

Seriously, any help is welcome.

Thanks,

- Steve

1 Reply

Re: How can I document ESM's policy?

Hello Nelson,

Thank you, but I've spoken to your engineers about this before, and they weren't able to help me.  That's why I have turned to the community for assistance.

- Steve Kadish

 

More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator