Event Views Content Pack

Overview

Easily set up summary and customized views to monitor and get alerts on event flows for investigating incidents or searching for evidence of advanced attacks. McAfee Enterprise Security Manager leverages contextual information and enriches each event with that context for a better understanding of how security events can impact real business processes.

Content Pack Components

Views
  • 10 Query Summary
  • Application Summary
  • Command Summary
  • Destination IP Summary
  • Destination MAC Summary
  • Destination Port Summary
  • Destination User Summary
  • Domain Summary
  • Event Count by Device
  • Event Distribution
  • Event Source Destination Geolocation
  • Event Subtype Summary
  • Event Summary
  • Event to Flows
  • Event Type Summary
  • Events by Average Severity
  • Events by Severity
  • Average Severity by Geolocation
  • Host Summary
  • Network Destination Summary
  • Network Device Summary
  • Network Source Summary
  • Normalized Event Summary
  • Object Summary
  • Protocol Summary
  • Ruleset Summary
  • Source IP Summary
  • Source MAC Summary
  • Source Port Summary
  • Source User Summary
  • User Tracking - Active Directory
  • User Tracking - Source User

Required Products

  • McAfee Enterprise Security Manager (ESM) 10.0.x

Download Content Pack

Registered ServicePortal users can log in to access the Knowledge Center for further documentation or to download the content pack file manually.

Read Article

Explore

Find other content packs and partner integrations.

See All

Free Trial

Interested in McAfee Enterprise Security Manager?

Register for Free Trial