I Started this discussion because I have two unknows and would like help me a little.
Is there any way to monitor, review, and analyze logs DB Oracle and MSSQL?
Does McAfee SIEM can find a logs via FTP, SCP etc. That is, the record is stored on an external drive and SIEM can access that record via FTP?
Thank you very much, I would greatly help my answer.
1) you can collect Oracle and MSSQL Log Audit. If you want to collecto events from a generic table/view you must use McAfee Agent Plugin.
2) You can do that using a Generic Datasource o with McAfee Agent Plugin.