Hello @chvgms ,
it is currently not possible, there is an open idea request for this feature already, please vote on it to get McAfee's attention:
There are two workarounds to check for triggered rules:
you can additonally use a EvaluatedRules property to find rules which were evaluated, but never triggered.
You can use Last.Rule property to find exit rules - the rules where the request was blocked or allowed, but it will not show the all processed rules in-between.
Rules.EvaluatedRules - List of all IDs of rules/rule sets, which have been evaluated
Rules.EvaluatedRules.Names - List of all name of rules/rule sets, which have been evaluated
Rules.FiredRules - List of all IDs of rules/rule sets, where the condition was true
Rules.FiredRules.Names - List of all names of rules/rule sets, where the condition was true
Edit: not Last.Rule but Rules.CurrentRuleName
Hope you are doing well.
Was my reply helpful?
If you find this post useful, Please give it a Kudos! Also, Please don't forget to select "Accept as a solution" if this reply resolves your query!
If you have ePO server on your environment you could go and install McAfee CSR (Content Security Reporter) Find on the highlighted link the Installation guide, in order to get your Proxy and ePO server synced on information.
Once you have installed CSR (if not already there) You can perform a Report / Query based on hits per rule names or other property following this steps:
1. ePO Menu > Queries & Reports
2. Go to McAfee Groups > CSR: Productivity – WEB
3. Select “Top Web Categories” (as an example) > Actions Duplicate and save
Select a Name a group and Click OK
4. Go to the Group and select the recent created Query
Click Actions > Edit
5. Select the type of Chart to Show (Bars, Pie Chart or Table), the “Sum of hits”
6. In this example you can use “Pie Chart” for “Rule Names” and Summary of “Hits”
7. In the next Step you can select what information you need to show as this example:
8. At the end of the settings you can filter for any setting you need or you can leave it blank to get all the information.
9. Finally, you can save the Query, and
10.Run the Report.
This is an example using pi chart, you can use Bars or Tables if needed and also can play around with the options.
If you need further information you can check how to customize reports. on this Link
Hope it's helps!