cancel
Showing results for 
Search instead for 
Did you mean: 
petchi
Level 9
Report Inappropriate Content
Message 1 of 4

Report to get top threat's affected machines

Anyone could suggest a way to get the machines list which has more threats?

Thanks,

Petchi S

3 Replies

Re: Report to get top threat's affected machines

Hi

You can generate this information using Queries and Reports. Do you know what information specifically you which to use to identify threats.

Malware, Firewall events. If you could be more specific I could help suggest which fields and queries you could create.

Regards

Rich

Certified McAfee Product Specialist - ePO

McAfee Volunteer Moderator

petchi
Level 9
Report Inappropriate Content
Message 3 of 4

Re: Report to get top threat's affected machines

Hi Rich,

I'm looking for malware alerts, If you suggest necessary query it would be helpful.

Thanks,

Petchi S

Re: Report to get top threat's affected machines

Hi

The following will create a query which will generate a list of Top 10 machines with Malware threat events in the past 7 days:

New Query

Events > Threat Events

Single Group Summary Table

Labels are: Detecting Product Host Name

Sort By: Value Descending

Maximun Items: 10

Values are: Number of Threat Events

Select the columns you want in the drill down data

Filter:

Event Generated Time: Is Within the last 1 Weeks

and

Event Category Belongs to: Malware.

Regards

Rich

Certified McAfee Product Specialist - ePO

McAfee Volunteer Moderator