cancel
Showing results for 
Search instead for 
Did you mean: 
avjana
Level 7
Report Inappropriate Content
Message 1 of 6

How to Export the Trigger Alarms to an CSV or Run the report of Trigger Alarms

How do i export the Trigger alarms  or run the report on Trigger alarms...

We have been using the Trigger Alarms and would like to run metrics on the alarms... Your timely response is very much appreciated !!

5 Replies

Re: How to Export the Trigger Alarms to an CSV or Run the report of Trigger Alarms

Hi Avjana,

Use can use Device Type ID 329 and filter out all events. Now you can see only triggered alarms. You can export the alarms directly now or you can run a report with device type ID as 329 and get the triggered alarms list.

Regards,

Vinaya.

Highlighted
hazwan
Level 8
Report Inappropriate Content
Message 3 of 6

Re: How to Export the Trigger Alarms to an CSV or Run the report of Trigger Alarms

Hi Vinaya,

I have tried but it export on all triggered alarm. How do I export based on specific time for the alarm triggered?

Thank You.

Regards,

Hazwan

Re: How to Export the Trigger Alarms to an CSV or Run the report of Trigger Alarms

Hello Hazwan,

Suggest you to make a view for triggered alarms as Vinaya discussed and at the top there is a filter from there you can select the custom time option and fill whatever time interval you need..Accordingly do the same in configuring report and time interval option is also there at last,export your report..

I hope you will understand my words.

......David

kmc
Level 12
Report Inappropriate Content
Message 5 of 6

Re: How to Export the Trigger Alarms to an CSV or Run the report of Trigger Alarms

Ya it's quit useful.

But when i filtered based on the device type i was getting triggered alarm but the details are not accurate as per the alarm means it's not giving source IP address details in filter with device type 329 showing blank, but when i open alarm i was able to see IP address.

rth67
Level 12
Report Inappropriate Content
Message 6 of 6

Re: How to Export the Trigger Alarms to an CSV or Run the report of Trigger Alarms

Creating a View and Filtering on Device Type ID 329 (McAfee > Triggered Alarm) does not return any values on our SIEM(s).

Where you using the Device Type ID in a Report possibly?

We are currently on v9.6.1 MR1

More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator
  • Community Help Hub

      New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

    • Find Forum FAQs
    • Learn How to Earn Badges
    • Ask for Help
    Go to Community Help

    Join the Community

      Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

    • Get helpful solutions from McAfee experts.
    • Stay connected to product conversations that matter to you.
    • Participate in product groups led by McAfee employees.
    Join the Community
    Join the Community