
Taxonomy Log ePO with Sentinel

Hello,

Sorry for my bad English, I'm French.
In my enterprise I use a software product called "Sentinel", which collects logs from ePO in order to generate real-time alerts (http://www.novell.com/products/sentinel).

In order to do this, a software agent categorizes events (ePO_events.csv) using a CSV file (tx_mcfe_epox_036x.csv) provided by McAfee, I think.

This last CSV file is not complete; it is missing events from ID 4700 to ID 30000.

Where can I ask in order to get a complete tx_mcfe_epox_036x.csv file?

Thank you very much for your help!

Romain.

P.S.: To help understand my request, the files are here:

http://www.macros.fr/webftp/ePO_events.csv
http://www.macros.fr/webftp/tx_mcfe_epox_036x.csv
5 Replies
tonyb99
Message 2 of 6

RE: Taxonomy Log ePO with Sentinel

From what I can see on Novell, the different Sentinel collectors are an integral part of the system and are provided through the software; you need to check you are up to date with Sentinel.

There are various forums for this software; here is a link to a forum listing of the collectors available with v5.13 and version 6. I would look to these forums for support with this product.

http://www.novell.com/support/search.do?cmd=displayKC&docType=kc&externalId=3448620&sliceId=SAL_Publ...

RE: Taxonomy Log ePO with Sentinel

Thanks tonyb99, but I have downloaded the latest ePO collector from Novell, and the files ePO_events.csv and tx_mcfe_epox_036x.csv only have events from ID 1000 to ID 4651; they are incomplete.

I have completed ePO_events.csv from ID 4700 to ID 30000 with the help of this site: https://knowledge.mcafee.com/article/978/6423643_f.SAL_Public.html (I used the first two columns).

But now I don't have the same information for tx_mcfe_epox_036x.csv.

I will try to contact Novell for more information, but I think that these files were given to them by McAfee...
tonyb99
Message 4 of 6

RE: Taxonomy Log ePO with Sentinel

The McAfee one is no good to you as it needs to be formatted in a way that Sentinel can read it; that's why I advised you to go back to Novell.

RE: Taxonomy Log ePO with Sentinel

You are right, tonyb99, but the formatting is very simple in Excel: only a quote between each field.

The most difficult part is getting the taxonomy info for ID 4700 to 30000. I will try to see if Novell can give it to me...

RE: Taxonomy Log ePO with Sentinel

We use Sentinel but developed a direct ODBC connection and get all the events from A/V and HIPS.

You might try that, or modify your existing agent to include more events. If you know what they are you should be able to add them.
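
A coverage check for the gap discussed in this thread, as an added example that is not part of any post or of the Sentinel collector: it lists the event IDs that appear in the event list but have no entry in the taxonomy map, so they would go uncategorized. The column layout (quoted fields, event ID in the first column) and the sample rows are assumptions; the real files may differ.

```python
import csv
import io

def event_ids(csv_text, id_column=0):
    """Return the set of integer event IDs found in one column of a CSV.
    Rows whose ID cell is not an integer (headers, blanks) are skipped."""
    ids = set()
    for row in csv.reader(io.StringIO(csv_text)):
        if len(row) <= id_column:
            continue
        cell = row[id_column].strip()
        if cell.isdigit():
            ids.add(int(cell))
    return ids

def collapse(ids):
    """Collapse IDs into sorted inclusive (start, end) ranges for reporting."""
    ranges = []
    for i in sorted(ids):
        if ranges and i == ranges[-1][1] + 1:
            ranges[-1] = (ranges[-1][0], i)
        else:
            ranges.append((i, i))
    return ranges

def unmapped(events_text, taxonomy_text):
    """IDs defined in the event list but missing from the taxonomy map."""
    return collapse(event_ids(events_text) - event_ids(taxonomy_text))

# Constructed sample data (assumed layout), not the real collector files.
EVENTS = '''"1000","Sample event A"
"1001","Sample event B"
"4651","Sample event C"
"4700","Sample event D"
"4701","Sample event E"
"30000","Sample event F"
'''
TAXONOMY = '''"1000","cat-a"
"1001","cat-a"
"4651","cat-b"
'''

if __name__ == "__main__":
    for start, end in unmapped(EVENTS, TAXONOMY):
        print(start if start == end else f"{start}-{end}")
```

Running the same check after each collector update shows whether newly added event IDs still lack a taxonomy entry.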