McAfee ePO
This pack includes XSIAM content.
McAfee ePolicy Orchestrator
This pack includes XSIAM content.
This pack includes XSIAM content.
Part 1 - on the Mcafee EPO management console
Part 2 - manage the schema on the mssql
Right click on the table that you want manage the fields and click on design.
Edit the SQL and save the new design configurations.
Pay attention: Timestamp parsing is supported for the EventTimeLocal field with UTC format. To configure the format:
In order to use the collector, you can use one of the following options to collect events from the vendor:
In either option, you will need to configure the vendor and product for this specific collector.
You will need to use the information described here.\
You can configure the specific vendor and product for this instance.
Name | Description |
---|---|
EPOFindSystem | Deprecated. Use the "McAfe ePO v2 integration command epo-find-system" instead. Return system info |
Name | Description |
---|---|
McAfee ePO (Deprecated) | Deprecated. Use McAfee ePO v2 instead. |
McAfee ePO v2 | McAfee ePolicy Orchestrator. |
Name | Description |
---|---|
McAfee ePO Endpoint Compliance Playbook v2 | Discover endpoints that are not using the latest McAfee AV signatures. |
McAfee ePO Endpoint Connectivity Diagnostics Playbook v2 | Perform a check on ePO endpoints to see if any endpoints are unmanaged or lost connectivity with ePO and take steps to return to a valid state. |
McAfee ePO Repository Compliance Playbook v2 | Ensures that ePO servers are updated to the latest McAfee published AV signatures (DAT file version). |
Name | Description |
---|---|
EPOFindSystem | Deprecated. Use the "McAfe ePO v2 integration command epo-find-system" instead. Return system info |
Name | Description |
---|---|
McAfee ePO (Deprecated) | Deprecated. Use McAfee ePO v2 instead. |
McAfee ePO v2 | McAfee ePolicy Orchestrator. |
Name | Description |
---|---|
Mcafee Epo Modeling Rule |
Name | Description |
---|---|
McAfeeEpo Parsing Rule |
Name | Description |
---|---|
McAfee ePO Repository Compliance Playbook v2 | Ensures that ePO servers are updated to the latest McAfee published AV signatures (DAT file version). |
McAfee ePO Endpoint Connectivity Diagnostics Playbook v2 | Perform a check on ePO endpoints to see if any endpoints are unmanaged or lost connectivity with ePO and take steps to return to a valid state. |
McAfee ePO Endpoint Compliance Playbook v2 | Discover endpoints that are not using the latest McAfee AV signatures. |
Pack Name | Pack By |
---|---|
Base | By: Cortex XSOAR |
Common Scripts | By: Cortex XSOAR |
ServiceNow | By: Cortex XSOAR |
Pack Name | Pack By |
---|
Pack Name | Pack By |
---|---|
Common Playbooks | By: Cortex XSOAR |
Filters And Transformers | By: Cortex XSOAR |
Base | By: Cortex XSOAR |
Common Scripts | By: Cortex XSOAR |
Cortex REST API | By: Cortex XSOAR |
Rasterize | By: Cortex XSOAR |
ServiceNow | By: Cortex XSOAR |
McAfee ePolicy Orchestrator. (Available from Cortex XSOAR 5.5.0).
Deprecated. Use McAfee ePO v2 instead.
Updated to use McAfee ePO v2.
Updated to use McAfee ePO v2.
Updated to use McAfee ePO v2.
Updated the Docker image to: demisto/python:2.7.18.24398.
Certification | Certified | Read more |
Supported By | Cortex | |
Created | November 9, 2020 | |
Last Release | March 3, 2024 |