Moved to Network Security Platform for better support - Moderator
Please see the below KB on how to submit a false positive report to McAfee support. This will teach you how to enable full flow logging and generate an evidence report. You can view these packet logs yourself, or submit the logs to our support team. Thanks!
Technical Support Engineer
McAfee. Part of Intel Security.
Please note, this method does not work when the attack definition is not able to collect packet capture. See the following for a list of attack definitions that will not collect packet capture:
Alternatively you can create a packet capture rule to collect what is needed.