cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
rskadish-dexia
rskadish-dexia
Level 9
Report Inappropriate Content
Message 1 of 2
‎09-05-2018 12:30 PM

How can I document ESM's policy?

Hi all,

I am looking for ANY suggestions on how to document the policies of my ESMs; for example

- values of variables

- which correlation rules are enabled, and which have alarms on them

- what filters I have created

That is, I am looking for alternatives to doing it manually.  I already know that the 'export' options in the Policy Editor are only useful for getting XML output and importing it into another SIEM. 

Seriously, any help is welcome.

Thanks,

- Steve

0 Kudos
Reply
1 Reply
rskadish-dexia
rskadish-dexia
Level 9
Report Inappropriate Content
Message 2 of 2
‎09-11-2018 02:59 PM

Re: How can I document ESM's policy?

Hello Nelson,

Thank you, but I've spoken to your engineers about this before, and they weren't able to help me.  That's why I have turned to the community for assistance.

- Steve Kadish

 

0 Kudos
Reply
More McAfee Tools to Help You
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • Visit: Business Service Portal
  • More: Search Knowledge Articles
  • ePolicy Orchestrator Support
  • The McAfee ePO Support Center Plug-in is now available in the Software Manager. Follow the instructions in the Product Guide for more.