cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
bmanilov
bmanilov
Level 7
Report Inappropriate Content
Message 1 of 3
‎02-25-2016 09:25 AM

What is Data Source - Auto Learned rules?

Hi All,

Could you please help me to figure out what auto-learned rules is designed for? And when exactly are they created?

0 Kudos
Reply
2 Replies
rlourenco
rlourenco
Level 9
Report Inappropriate Content
Message 2 of 3
‎02-26-2016 03:58 AM

Re: What is Data Source - Auto Learned rules?

Hi

So i may stand to be correct but i believe they get created when you have a data source created and its parser gets activated.  so for example, if you have mcafee web gateway and it detects and virus it will send the SIEM this event probably using syslog.  as soon as the SIEM parsers it for the first time for that data source, it will create the auto-learned rule.  but it will only create an auto learned rule if a parser exists and and event that triggers that parser is received.

0 Kudos
Reply
Highlighted
yassinezeroual
yassinezeroual
Level 10
Report Inappropriate Content
Message 3 of 3
‎03-24-2016 10:01 AM

Re: What is Data Source - Auto Learned rules?

Data Source Rules on the Policy Editor are Auto Learned by the Receiver as it processes the information sent to it by data sources that are associated with the Receiver.

All the rules at the Data source rules are auto learned and you can delete them.

0 Kudos
Reply
More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator

    • Community Help Hub

      New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

    • Find Forum FAQs
    • Learn How to Earn Badges
    • Ask for Help
    Go to Community Help

    Join the Community

      Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

    • Get helpful solutions from McAfee experts.
    • Stay connected to product conversations that matter to you.
    • Participate in product groups led by McAfee employees.
    Join the Community
    Join the Community


    Corporate Headquarters
    2821 Mission College Blvd.
    Santa Clara, CA 95054 USA

    Consumer Support   |   Enterprise Support   |   McAfee.com

    Legal   |   Privacy   |   Copyright © 2019 McAfee, LLC