I'm trying to setup ePO 5.1.1 to a kiwi syslog server and have had no luck.
Has anyone been able to do this with version 5.1.1 and if so how did you do it?
Could this possibly help? SolarWinds Knowledge Base :: Integrating McAfee ePolicy Orchestrator v4.5+ with SolarWinds LEM
As far as I'm aware there's no way to do syslog. We've always had our SIEM scrape the database through an MSSQL query.
After googling what epo/vse event code 1064 Service was started means, I found this: https://github.com/jpalanco/alienvault-ossim/blob/master/os-sim/ossim-mysql/db/plugins/mcafee-epo.sq...
So AlienVault OSSIM (the open source version of their SIEM program) supports it.
I'm still not sure what causes the 1064 message, but still....
Download the new ePolicy Orchestrator (ePO) Support Center Extension which simplifies ePO management and provides support resources directly in the console. Learn more about ePO Support Center
2821 Mission College Blvd.
Santa Clara, CA 95054 USA
Consumer Support | Enterprise Support | McAfee.com
Legal | Privacy | Copyright © 2019 McAfee, LLC