All Apps and Add-ons

Need a Splunk App for McAfee that uses Splunk Add-on for McAfee

ggb667
New Member

Hello. I plan on installing the Splunk Add-on for McAfee and i need to monitor:

McAfee Endpoint Security for Linux Firewall 10.6.6 105
McAfee Endpoint Security for Linux Threat Protection 10.6.6 107
McAfee Agent for Linux 5.6.2
McAfee Policy Auditor Agent for Linux 6.4.3
Asset Configuration Compliance Module - LNX 3.2.4

I was hoping for a "Splunk McAfee App" that would go hand in hand with the "Add-On" for visualizations, but all I'm finding are bits and pieces here and there. Is there an app for this, or am I going to have to build this myself and rely on my own Splunk Deployment Monitor derived components for monitoring McAfee components?

I'm new to apps and add-on components for Splunk.

Thanks

0 Karma
1 Solution

PavelP
Motivator

McAfee Agent reports to ePO so what you need is to send ePO logs to Splunk. Not sure about Policy Auditor and Compliance Module though

View solution in original post

0 Karma

PavelP
Motivator

McAfee Agent reports to ePO so what you need is to send ePO logs to Splunk. Not sure about Policy Auditor and Compliance Module though

0 Karma
Get Updates on the Splunk Community!

.conf24 | Day 0

Hello Splunk Community! My name is Chris, and I'm based in Canberra, Australia's capital, and I travelled for ...

Enhance Security Visibility with Splunk Enterprise Security 7.1 through Threat ...

 (view in My Videos)Struggling with alert fatigue, lack of context, and prioritization around security ...

Troubleshooting the OpenTelemetry Collector

  In this tech talk, you’ll learn how to troubleshoot the OpenTelemetry collector - from checking the ...