Please help to generate below report from McAfee SIEM. Current SIEM version 9.5.0. Suggest any article in McAfee community if any available.
I have data source as McAfee web gateway, McAfee NSM, Cisco- Checkpoint firewall, McAfee DLP, ePO etc.
Report format required as below :
1. Total endpoint attacks count in csv format with field( Attack Name, Source IP, Source user, Source port, Destination IP, Destination user, Dst Port, device action, requested URL, etc.)
2. Total network attacks count in same format as above.
3. Automatic last event report from ESM for all reporting and non reporting devices send over email id.