I looking forward to generate meaningful executive reports on SIEM. the one builtin in McAfee SIEM are not up to the expectation.
is there any tutorial or documentation for that ?
Thank you in advance
Actually depends what you want to put into that report.
Below is quite good starting point:
The rest is based on your requirements.
If my experience serves as a reference:
After a working with McAfee engineers to try to get reporting right I simply gave up. Long history short, I got far better reporting after spending two weeks having to learn Hadoop streaming and some HiveQL than I got out of months trying to get anything meaningful from the ESM reports.