Warning: This app is archived.

Splunk Add-on for McAfee

***Splunk Add-on for McAfee is no longer supported. For best results, you should deploy and use the new Splunk Add-on for McAfee ePO Syslog. Splunk Add-on for McAfee ePO Syslog works with Splunk Connect for Syslog, which provides a number of benefits over the legacy database integration.***

The Splunk Add-on for McAfee allows a Splunk Enterprise administrator to collect anti-virus information and Network Security Platform (Intrushield) information. You can then directly analyze the McAfee data or use it as a contextual data feed to correlate with other security data in Splunk. This add-on provides the inputs and CIM-compatible knowledge to use with other Splunk Enterprise apps, such as Splunk App for Enterprise Security and Splunk App for PCI Compliance.

Please note that the DB Connect Add-on is required to manage database connectivity; it must be installed and configured before this Add-on can be used to collect data from an ePolicy Orchestrator (ePO) installation.

Built by Splunk Works

Latest Version 2.2.1
June 27, 2018
Compatibility
Not Available
Platform Version: 9.4, 9.3, 9.2, 9.1, 9.0, 8.2, 8.1, 8.0, 7.3, 7.2, 7.1, 7.0
CIM Version: 4.x
Rating

0

(0)

Support
Not Supported
Ranking

#33

in Utilities
Created By

Splunk Works

Type

addon

Downloads

20,812
