Showing results for 
Show  only  | Search instead for 
Did you mean: 
Level 7
Report Inappropriate Content
Message 1 of 10

McaFee SIEM Training

Dear All,

We will going to have training on McAfeee SIEM,

I need list checklist covering points to make sure trainer has covered all areas , since I am new to this tool.

Thanks in Advance



9 Replies
Level 12
Report Inappropriate Content
Message 2 of 10

Re: McaFee SIEM Training


  • Data sources integration
    • Windows WMI
    • Windows CEF
    • Syslog
      • Troubleshoot
  • Dashboard
    • Creating and modify existing one
  • Assetmanager
    • Assests
    • Zones
    • and so on
  • Watchlist
    • Dynamic
    • Static
  • Alarm
    • Generate various Alarms for your Network
  • Reporting
    • make some different reports
  • Correlation
  • ELM
  • and many more
Level 7
Report Inappropriate Content
Message 3 of 10

Re: McaFee SIEM Training

thanks xded for information ,

looking for ward for more information , if any one has attended Mcafee official training , what were the topics they cover..

this training is from the vendor who is implementing the tool, they are not organized , so I have feeling they might miss some important topics.

Level 12
Report Inappropriate Content
Message 4 of 10

Re: McaFee SIEM Training

Download the userguid and the table of content is the structur of the training, i think.

Level 8
Report Inappropriate Content
Message 5 of 10

Re: McaFee SIEM Training

When you will have this training?

I am going to have on 17th March in UK.

Re: McaFee SIEM Training

I just would like to share with guys if you already don't know it.

There's a program called ACE for partners, and if you are, you can sign up at .

Steps to take certification:

1. Complete the Pre-Work ( A serie of web courses )

2. 2 Days of presencial course at McAfee Building

3. Get an opportunity ID and install a POC of SIEM

You can find complete details at .

Any doubt you can contact me and I'll be happy to help.


Re: McaFee SIEM Training

I Just forgot the question you made!!

You can find details here and download the data sheet:

McAfee SIEM Administration | Treinamento em produtos da McAfee

Course Outline

Chapter 1: SIEM Overview

  • What Is SIEM?
  • How SIEM is used
  • SIEM Components Overview
  • SIEM Architecture
  • Identifying Business Needs and Stakeholders
  • Deployment Scenarios
  • SIEM Sizing Overview
  • McAfee Enterprise Security Manager

    Interface Setup

  • FIPS
  • Implementation Process
  • Change Control

    Chapter 2: McAfee Enterprise Security Manager and Receiver Overview

    • McAfee Enterprise Security Manager Properties Overview

    • McAfee Enterprise Security Manager Settings
    • Receiver Redundancy
    • Receiver Overview/Properties
    • Receiver Vulnerability Assessment
    • Receiver Asset Data Source
    • Receiver Key Management
    • Receiver Connection, Device Logs, Configuration,


      Chapter 3: McAfee Enterprise Security Manager Interface Views

  • The Data Problem
  • Log Management Challenges
  • ESMI Views
  • Using the Toolbar
  • Theft of Confidential Information
  • Use of Unauthorized Applications
  • Situational Awareness
  • Cyber Slacking in the Workplace
  • Use of Weak Passwords
  • McAfee User Interface
  • Views Toolbar
  • Filters
  • Out-of-Box Dashboard Views
  • Custom Views
  • Data Binding

Chapter 4: Receiver Data Source Configuration Receiver Data Sources
Receiver Properties
Adding a Data Source

Data Source Types
Configuring Common Data Sources Client Data Sources
Data Source Profiles
Data Source AutoLearn
Adding VA Data Sources
Asset Manager
Real Time in Data Enrichment

Chapter 5: Aggregation
About Aggregation and Timestamps Event Aggregation
Dynamic Aggregation
Setting Event Aggregation Levels
Default Aggregation Settings
Customizing Aggregation
Flow Aggregation
Port Values

Chapter 6: Policy Editor

  • Policy Editor Overview
  • Default Policy
  • Policy Tree: Modifying
  • Policy Importing and Exporting
  • Policy Change History
  • Policy Status and Rollout
  • Filtering and Tagging
  • Operations and Tools Menu
  • Normalization
  • Rule Variables
  • Severity Weights
  • Rule Types
  • Rule Inheritance
  • Rule Properties: Settings
  • Advanced Syslog Parser Rules

Chapter 7: Correlation

  • Optimized Risk Management
  • Event Normalization
  • Event Correlation Engine
  • Advanced Correlation Engine
  • Receiver Correlation
  • Adding a Correlation Data Source
  • Correlation Rule Editor
  • Rolling out Correlation Policy
  • Creating a Custom Correlation Rule
  • Editing an existing correlation rule
  • Adding an ACE appliance
  • Using Historical mode

    Chapter 8: Alarms and Watchlists

  • Creating Alarms
  • Alarm Settings
  • Alarm Details
  • Triggering Alarms
  • Watchlists
  • Watchlist Types: Static and Dynamic
  • Creating Watchlists

    Chapter 9: Reporting

    • Out-of-Box Reports

    • Report Properties
    • Create Reports
    • Report Layout
    • Document Properties
    • Report Conditions
    • Query Wizard
    • Report Filter
    • Email, SMS, SNMP, Syslog Report Options
    • Viewing Reports

      Chapter 10: Working with McAfee Enterprise Log Manager

    • McAfee Enterprise Log Manager Properties
    • ELM Terminology
    • Adding an McAfee Enterprise Log Manager Device
    • Estimating McAfee Enterprise Log Manager


    • McAfee Enterprise Log Manager Configuration Settings
    • McAfee Enterprise Log Manager Backup and Restore

McAfee Enterprise Log Manager Logs
Migrating the Database
McAfee Enterprise Log Manager Compression SAN volumes
Full Text Indexer
McAfee Enterprise Log Manager Storage Pools iSCSI Configuration
Adding, Editing, or Deleting Storage Devices
ELM Mirrored Data Storage
ELM Data

Chapter 11: Troubleshooting and System Management

  • McAfee Technical Support
  • Login Troubleshooting
  • Operating System and Browser-Specific Issues
  • Hardware Issues
  • Update and Upgrade Issues
  • McAfee Health Status Flag
  • McAfee Enterprise Security Manager and McAfee

    Enterprise Security Manager Interface Troubleshooting

  • ESM Settings

    Chapter 12: SIEM Workflow

    McAfee Enterprise Security Manager Interface Desktop

    Event Drilldown
    Event Analysis
    More About Using Specific Dashboards:

    Normalized, Asset Vulnerability, Event and Destination Geo-Location, Source User, Host, Default Flow, Incident

    SIEM Workflow Demonstration Case Management

Re: McaFee SIEM Training

Where do we find the Mcafee training? We want to complete it ASAP. All the above links are outdated or no reachable.

Level 7
Report Inappropriate Content
Message 9 of 10

Re: McaFee SIEM Training

everything is now behind a paywall.

Re: McaFee SIEM Training

You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community