McAfee Event Receiver

Robust collection and powerful correlation

Free Trial

Collect tens of thousands of events per second

McAfee Event Receiver collects and retains large amounts of security data, and gives you immediate access to that data.

Scalable log collection

Collect event and flow information from hundreds of third-party devices, including intrusion prevention systems (IPS), switches, routers, servers, workstations, identity and authentication systems, vulnerability assessment scanners, and more.

Instant access to data

Preserve and store all details of parsed and correlated events in a highly indexed database for fast retrieval and analysis.

System-wide threat detection

Correlate events collected by other distributed receivers to detect larger incidents.

Flexible deployment options

Make highly distributed deployment easier and more cost effective with virtual appliances.

Easy, highly
distributed event

Protect all collected events

Collect tens of thousands of events per second with a single McAfee Event Receiver and cache all data locally to preserve it in the event of a network communication error or outage.

Leverage diverse collection methods

Use various event collections, including passive log collection, authenticated log collection, CEF, OPSEC, SDEE, XML, ODBC, and encrypted collection validated to FIPS 140-2 Level 2.

Ensure a flexible architecture

Select fully centralized all-in-one event collection and management or fully distributed event collection, available in both physical and virtual appliances and rated for several thousand to tens of thousands of events per second.

McAfee Connect

Maximize the value of your McAfee Enterprise Security Manager with pre-built content packs to streamline security monitoring, threat management, and incident response.

Learn More

System requirements

McAfee Event Receiver (ERC) deployment options include physical and virtual appliances. Specific McAfee Event Receiver models require McAfee Enterprise Security Manager (ESM). McAfee SIEM appliance specifications and descriptions are provided for information only, subject to change without notice, and provided without warranty of any kind, expressed or implied.

Model Number Deployment Local Storage1 CPU Cores System Requirements
ERC-VM AWS, Azure, HyperV, ESX, KVM, XEN Minimum 250 GB2 8 8 Processor Cores, 8 GB RAM
ERC-VM-4-CORE-ADDON AWS, Azure, HyperV, ESX, KVM, XEN See footnote 2 See footnote 3 Per 4 Core Add-on, 16 GB RAM

Model Number Appliance Size Local Storage1 CPU Cores System Requirements
ERC-1270 1U 4 TB 4 Requires ESM
ERC-2650 2U 12 TB 18 Requires ESM
ERC-3500 2U 12 TB + 400 GB SSD 22 Requires ESM
ERC-4700 2U 5.6 TB SSD 28 Requires ESM

1Usable event and flow data storage capacity will vary by customer event types, event rates, software version, and other factors.
2It’s recommended that VMs have dedicated SSD storage to reach higher ingestion and query performance.
3Option to expand ERC-VM in 4-core increments up to 32-core maximum.

Need additional technical resources? Visit the McAfee Expert Center >

Learn more about McAfee Event Receiver


SIEM Solutions from McAfee

SIEM solutions from McAfee help you continuously monitor, identify, investigate, and resolve threats.

Read Data Sheet >

Sustainable Security Operations

Discover how to successfully adopt sustainable security operations with optimized processes and tools to compress decision-making and quickly detect, contain, and remediate attacks.

Read White Paper >

This remains the top SIEM available.
Read Product Review > sc-magazine

McAfee Event Receiver related products

McAfee Advanced Correlation Engine supplements McAfee Enterprise Security Manager (SIEM) event correlation with two dedicated correlation engines: A risk detection engine that generates a risk score and a threat detection engine.

Learn More >

McAfee Application Data Monitor decodes an entire application session to Layer 7 to detect fraud, data loss, and hidden threats, and create an audit trail for application compliance.

Learn More >

McAfee Enterprise Log Manager automates log management and analysis for all log types, including Windows event logs, database logs, application logs, and syslogs, and integrates with McAfee SIEM for analysis and incident management.

Learn More >

McAfee Enterprise Security Manager delivers intelligent, fast, and accurate SIEM and log management.

Learn More >

Built for big security data, McAfee Global Threat Intelligence for Enterprise Security Manager puts the power of McAfee Labs directly into the security monitoring flow using McAfee’s high-speed, highly intelligent SIEM.

Learn More >

McAfee Enterprise Log Search delivers ultra-fast search of raw events by storing and querying uncompressed data.

Learn More >

Have Additional Questions?

We’re here to help. Contact us to learn about implementation, pricing, technical specifications, and more

Contact Us

Register for a Free Trial

Get started now. Test drive McAfee Event Receiver in your environment.

Free Trial