I feel your frustration as support took a long time to solve our issue with ENS 10.1. We had an issue where events would not display in the ePO console. We discovered this during testing as any virus events, using the test eicar virus, would not show up on the dashboard. McAfee tech support referred us to KB86071 which is titled "ePolicy Orchestrator console fails to display point product events and an error appears in the eventparser.log" . It refers to ENS 10.1 and is fixed by fixing the ePO database user. Not too sure if you have the same issue or not.
Thanks for this info but I don't think it's the same issue. Events from ENS 10.1.0.x clients get processed by the ePO, it's just events from the new ENS 10.1.1.x that seem to be confusing the ePO.
The clients seem to be detecting and dealing with the threats but whatever is being sent back to the ePO from 10.1.1.x clients is unable to get copied to the correct location for processing. The queue is somewhat large after almost 5 days of knackeredness.
Very unimpressed so far with the support from McAfee on this and, as usual, Sod's Law seems to be in action that we are the only organization in the world to be suffering from this issue.
We are 5.3 on prem as well and have had better luck with our users on Agent 220.127.116.113 and were told that was a pre-req to having ENS. Our events are processing but all of my queries for ENS related stuff are slow to some up. We have a small install with 2k end points so would be scared to see how slow they took with larger sites. Sorry we could not un-Sod your issue.