2 Replies Latest reply on Sep 19, 2014 4:42 AM by japie

    Using Regex in Destination_File field for EPO data

    japie

      Hi Folks

       

      Is anyone using regex's to monitor destination_file fields in McAfee SIEM from EPO as a data source?

       

      I have tried a couple of variations and some really basic syntaxes but receiving the following error:

      We basically want to look for  "Keygens","Serial","Crack" and a couple of more items.

       

      Invalid regular expression. (ER5-0015)

       

      Anybody doing anything similiar or have some pointers?

       

      Thanks,

      Japie