This content has been marked as final. Show 5 replies
From what I can see on Novell the different sentinel collectors are an integral part of the system and are provided through the software, you ned to check you are up to date with sentinel.
There are various forums for this software here is a link to a forum listing of the collectors available with v5.13 and version 6, I would look to these forums for support with this product.
http://www.novell.com/support/search.do?cmd=displayKC&docType=kc&externalId=3448 620&sliceId=SAL_Public&dialogID=52098027&stateId=0 0 52096513 0 52096513
Thanks tonyb99, but i have downloaded the lastest ePO collector on NOVELL and the files ePO_events.csv and tx_mcfe_epox_036x.csv have only events from ID 1000 to ID 4651, they are incomplete.
I have completed ePO_events.csv from ID 4700 to ID 30000 by the help of this site : https://knowledge.mcafee.com/article/978/6423643_f.SAL_Public.html (I used the first two columns)
But now i don't have same information for tx_mcfe_epox_036x.csv.
I will try to contact Novell for more information but i think that this files was given to them by McAfee...
The mcafee one is no good to you as it needs to formatted in a way that sentinel can read it, thats why I advised you to go back to novell.
You are right tonyb99 but formatting is very simple by EXCEL, only a quote between each field.
The most difficult is to have the taxonomy info for ID 4700 to 30000. I will try to see if Novell can give me...
We use Sentinel but developed a direct ODBC connection and get all th events from A/V and HIPS.
You might try that, or modify your existing agent to include more events. If you know what they are you should be able to add them.