Skip to main content

McAfee ePO

Download With Dependencies

McAfee ePolicy Orchestrator

This pack includes XSIAM content.

Manage the fields on the schema

part 1 - on the Mcafee EPO management console

  1. click on “Queries & Reports” and find the query of the schema
  2. click action --> edit
  3. on the nav bar click on "columns", there you can edit the fields.
  4. copy the sql.

part 2 - manage the schema on the mssql

  1. right click on the table that you want manage the fields and click on design.
  2. edit the sql and save the new design configurations.

Collect Events from Vendor

In order to use the collector, you can use one of the following options to collect events from the vendor:

In either option, you will need to configure the vendor and product for this specific collector.

Broker VM

You will need to use the information described here.\
You can configure the specific vendor and product for this instance.

  1. Navigate to Settings -> Configuration -> Data Broker -> Broker VMs.
  2. Right-click, and select Syslog Collector -> Configure.
  3. When configuring the Syslog Collector, set:
    • vendor as Mcafee
    • product as EPO

PUBLISHER

Cortex

PLATFORMS

Cortex XSOARCortex XSIAM

INFO

CertificationRead more
Supported ByCortex
CreatedNovember 9, 2020
Last ReleaseJanuary 25, 2023
WORKS WITH THE FOLLOWING INTEGRATIONS:
DISCLAIMER
Content packs are licensed by the Publisher identified above and subject to the Publisher’s own licensing terms. Palo Alto Networks is not liable for and does not warrant or support any content pack produced by a third-party Publisher, whether or not such packs are designated as “Palo Alto Networks-certified” or otherwise. For more information, see the Marketplace documentation.