Splunk Enterprise Security

McAfee security management center syslog format ?

Abdeslem
New Member

hello ,
We want to add our Mcafee Firwall logs into splunk (ES) using syslog.
which format is used by Splunk Add-on for McAfee
We can use :
- CEF
- CSV
- NetFlow V9
- IPFIX
- XML
- McAfee ESM

thank you .

0 Karma

eghaddad
New Member

Hi,

The Splunk Add-on for McAfee uses syslog for McAfee Network Security Platform/Intrushield. We dont have knowledge extraction and CIM mapping for McAfee Firewall as part of this Add-on.

0 Karma
Get Updates on the Splunk Community!

Splunk Training for All: Meet Aspiring Cybersecurity Analyst, Marc Alicea

Splunk Education believes in the value of training and certification in today’s rapidly-changing data-driven ...

The Splunk Success Framework: Your Guide to Successful Splunk Implementations

Splunk Lantern is a customer success center that provides advice from Splunk experts on valuable data ...

Investigate Security and Threat Detection with VirusTotal and Splunk Integration

As security threats and their complexities surge, security analysts deal with increased challenges and ...