I am trying to find some sort of repository with examples of McAfee endpoint solutions events/alerts (e.g: Infected file deleted for Endpoint Security 10.5.0) and it seems like there is no such thing.
I want to create a CEF (using arcsight) repository so it'll be easier to define a set of rules.
Does anybody have a solution for me? a clue?
Retrieving data ...