1 Reply Latest reply on Sep 19, 2016 4:35 PM by eM Ka

    Active Response integration McAfee ESM

    leshe4ka

      Hello.

      I installed McAfee ESM ver. 9.5.2.

      I connected a lot of different event sources in ESM.

      Some event sources from which the event comes, I still Installed and collectors Active Response.

      And I try to search from the ESM, but I can not get a result from the query.

       

      I tried to execute queries:

      User detail search

      Process information from source IP address and time

      Process information from destination IP address and time

      CurrentFlow for IP address

      3.jpg

      Result

      4.jpg

      My Settings Integration

      1.jpg

       

      2.jpg