8 Replies Latest reply on May 5, 2017 9:50 AM by paul.k

    [McAfee ESM] Customized Queries for Reports?


      Good Day,


      I would like to create a report on McAfee ESM, the report is a simple report that shows the Top Source IP ordered by the sum of Bytes, the event details were captured from a Squid data source.


      The challenge is, I am only able to select the Source IP for the bar graph, and it shows the Top Source IP based on sum of events. I also tried using grid view but, it also generates report per event, hence, multiple entries for a similar IP is displayed.


      I'd like to know if it's possible to create a custom query, or any other workaround I can do to create this kind of report?


      Thank You!