Latest Version 2.1.1
June 18, 2015
Welcome to the new Splunkbase! To return to the old Splunkbase, .
Splunk Add-on for McAfee
The Splunk Add-on for McAfee allows a Splunk Enterprise administrator to collect anti-virus information and Network Security Platform (Intrushield) information. You can then directly analyze the McAfee data or use it as a contextual data feed to correlate with other security data in Splunk. This add-on provides the inputs and CIM-compatible knowledge to use with other Splunk Enterprise apps, such as Splunk App for Enterprise Security and Splunk App for PCI Compliance. Please note that the DB Connect Add-on is required to manage database connectivity; it must be installed and configured before this Add-on can be used to collect data from an ePolicy Orchestrator (ePO) installation.
Built by
Compatibility
Not Available
Platform Version: 6.3, 6.2, 6.1, 6.0
CIM Version: 4.x, 3.x
Rating
0
(0)
Log in to rate this app
Support
Splunk Supported addon
Ranking
#44
in Security, Fraud & Compliance
#46
in Utilities
The Splunk Add-on for McAfee allows a Splunk Enterprise administrator to collect anti-virus information and Network Security Platform (Intrushield) information. You can then directly analyze the McAfee data or use it as a contextual data feed to correlate with other security data in Splunk. This add-on provides the inputs and CIM-compatible knowledge to use with other Splunk Enterprise apps, such as Splunk App for Enterprise Security and Splunk App for PCI Compliance. Please note that the DB Connect Add-on is required to manage database connectivity; it must be installed and configured before this Add-on can be used to collect data from an ePolicy Orchestrator (ePO) installation.
Categories
Created By
Splunk Inc.
Type
addon
Downloads
2,028
Licensing
Splunk Answers
Resources
Log in to report this app listing