We want to add our Mcafee Firwall logs into splunk (ES) using syslog.
which format is used by Splunk Add-on for McAfee
We can use :
- NetFlow V9
- McAfee ESM
thank you .
The Splunk Add-on for McAfee uses syslog for McAfee Network Security Platform/Intrushield. We dont have knowledge extraction and CIM mapping for McAfee Firewall as part of this Add-on.