cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
kamlakarkadam
Level 7
Report Inappropriate Content
Message 1 of 12
‎08-25-2017 08:08 AM

Kaspersky integration issue.

Dear Team,

we are integrated Kaspersky antimalware via SQL pull method and its successfully added. But we are not getting any logs on ESM dashboards.

So someone help us to resolve this issue. Is there any guide to troubleshoot SQL pull method issue?

regards,

kamlakar kadam

0 Kudos
Reply
11 Replies
sssyyy
Reliable Contributor
Reliable Contributor
Report Inappropriate Content
Message 2 of 12
‎08-26-2017 08:04 PM

Re: Kaspersky integration issue.

make sure the user account used for SQL pull has dbreader and public rights.

0 Kudos
Reply
kamlakarkadam
Level 7
Report Inappropriate Content
Message 3 of 12
‎09-05-2017 07:57 AM

Re: Kaspersky integration issue.

yes user account has full public rights with DBreader

0 Kudos
Reply
amnesiac
Level 7
Report Inappropriate Content
Message 4 of 12
‎12-20-2017 05:25 AM

Re: Kaspersky integration issue.

We are experiencing the same issue. Did you resolve it?

0 Kudos
Reply
sam1
Level 7
Report Inappropriate Content
Message 5 of 12
‎01-24-2018 02:19 AM

Re: Kaspersky integration issue.

We are also experiencing the same issue.

Did someone find solution?

 

0 Kudos
Reply
marceh
Level 7
Report Inappropriate Content
Message 6 of 12
‎08-31-2018 03:13 PM

Re: Kaspersky integration issue.

I had the same problem and it was because of the user's permissions in the DB, these permissions are from the schemas, so you enter the BD of the epo then to security, you enter the user's properties for the SIEM and habilias db_datareader (for example, I tmb enable db_datawriter) and I also did it in memership

 

______

I speak Spanish but not very good English, I hope to help you.

0 Kudos
Reply
mikrotik
Level 11
Report Inappropriate Content
Message 7 of 12
‎10-03-2018 12:23 AM

Re: Kaspersky integration issue.

Hello Guys,

I have not seen so far on internet who did this task siccessfully. 

However, do you guys need such thing? Smiley Very Happy

KSC1.png

 

 

 

 

 

 

Hint: Use SQL pull method

Good Luck!

Thank You!

 

Best Regards,

Yours Sincerely,
Syed Irfan Naseer
0 Kudos
Reply
David1111
Reliable Contributor
Reliable Contributor
Report Inappropriate Content
Message 8 of 12
‎01-07-2019 05:40 AM

Re: Kaspersky integration issue.

Hi Syed Irfan Naseer.

 

Could you please help me with the integration of the Kaspersky with mcAfee ESM ?!

i know what i need to do in the McAfee, but no idea what to configure in the Kaspersky side.

Could you provide a screenshot of the Kaspersky Settings ?!

 

Thank you very much!!!

best regards

David

0 Kudos
Reply
mikrotik
Level 11
Report Inappropriate Content
Message 9 of 12
‎01-07-2019 06:18 AM

Re: Kaspersky integration issue.

Hi David,

Firstly, Kaspersky Administration Console or KSC nothing has to do with SIEM for integration process.

Secondly, It is only Database of Kaspersky which is integrated with SIEM.

Lastly,  are you sure the account you are using for Pull method has DB access rights of KSC?  if yes then how are you sure?

Thank You!

 

 

Yours Sincerely,
Syed Irfan Naseer
0 Kudos
Reply
David1111
Reliable Contributor
Reliable Contributor
Report Inappropriate Content
Message 10 of 12
‎01-07-2019 06:56 AM

Re: Kaspersky integration issue.

Hi Syed Irfan Naseer
first of all, Thanks' on the Quick Response!

i still didn't get from the customer the User Account name and password.

Becuse the IT company that's handeling the Kaspersky dosn't whant to provide me that,
They Claim that they need to send it via Syslog, the problem is i dont get the syslog, besides that it means i will need to write a lot of Parsing REGEX rules..... 😞

It would be very kind of you, if you could provide for me a screenshot of the configurations on the Kaspersky side, then i will be able to get them configure it properlly.

Best Regards.

Thanks' again.

0 Kudos
Reply
You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community


Corporate Headquarters
6220 America Center Drive
San Jose, CA 95002 USA

Consumer Support   |   Enterprise Support   |   McAfee.com

Legal   |   Privacy   |   Copyright © 2020 McAfee, LLC