GPG 13 Compliance Content Pack

Overview

Many organizations are subject to regulations that mandate the collection and analysis of specific types of events for detecting and responding to suspicious activity. This content pack supports and simplifies your organization's efforts to meet GPG 13 compliance requirements, offering out-of-the-box configuration of the views you need to ensure compliance.

Content Pack Components

Views
  • PMC1 Accurate Time in Logs (Folder)
    • PMC1 Accurate Time in Logs
    • PMC1 Event Analysis
  • PMC2 Traffic Crossing a Boundary (Folder)
    • PMC2 Anti-malware Update Failure
    • PMC2 Anti-malware Update Success
    • PMC2 Blocked Suspicious Activity
    • PMC2 File Events
    • PMC2 Malware Triggered Rules
    • PMC2 Malware Types Detected
    • PMC2 Top URL Categories Allowed
    • PMC2 Top URL Categories Blocked
  • PMC3 Suspicious Behavior at Boundary (Folder)
    • PMC3 Authentication Failures
    • PMC3 Boundary Devices with Critical Events
    • PMC3 Boundary Devices with Errors
    • PMC3 Boundary Devices with System Events
    • PMC3 Boundary Devices with Warning Events
    • PMC3 Commands on Boundary Devices
    • PMC3 Devices with System Status Events
    • PMC3 Passed Events on Firewalls
    • PMC3 Suspicious Activity at Boundary
    • PMC3 Suspicious Packet Firewall Events
    • PMC3 User Activity on Boundary Devices
  • PMC4 Recording WS, Server, Device Status (Folder)
    • PMC4 Current OS Status
    • PMC4 HIDS AV OS Devices System Events
    • PMC4 HIDS AV OS Malware Triggered Rules
    • PMC4 Hosts with Critical Events
    • PMC4 Hosts with Warning Events
    • PMC4 Malware Detected by HIDS AV or OS
    • PMC4 OS Access Events
    • PMC4 OS Devices with Critical Events
    • PMC4 OS Failure Events
    • PMC4 OS System Config Registry Events
    • PMC4 OS System Events
    • PMC4 OS System Status Events
  • PMC5 Suspicious Internal Network Actions (Folder)
    • PMC5 All Logon Failures
    • PMC5 Commands on All Devices
    • PMC5 Devices with System Status Events
    • PMC5 Monitoring Devices with Errors
    • PMC5 Monitoring Systems with Critical Events
    • PMC5 Monitoring Systems with Warning Events
    • PMC5 Monitoring Systems - System Events
    • PMC5 Passed Events on Firewalls and HIDS
    • PMC5 Suspicious Activity Internal
    • PMC5 Suspicious Activity Internal Action
    • PMC5 Suspicious Packet Firewall Events
    • PMC5 User Activity on Monitoring Systems
  • PMC6 Network Connections (Folder)
    • PMC6 Devices with Failed Access Events
    • PMC6 Network Devices Commands
    • PMC6 Network Devices with Auth Events
    • PMC6 Network Devices with Auth Failures
    • PMC6 Network Devices with Critical Events
    • PMC6 Network Devices with Warning Events
    • PMC6 Network Devices with Errors
    • PMC6 Remote Access Failures
    • PMC6 Remote Access Summary
    • PMC6 Wireless Device Events
  • PMC7 Session Activity (Folder)
    • PMC7 Administrator Activity
    • PMC7 All Source User Activity
    • PMC7 All Source User Commands
    • PMC7 Source Users Group Privilege Change
    • PMC7 Source Users with Account Changes
    • PMC7 Source Users with Privilege Changes
    • PMC7 User Network Sessions
  • PMC8 Data Backup Status (Folder)
    • PMC8 Backup and Restore Events
  • PMC9 Alerting Critical Events (Folder)
    • PMC9 Alarm Dashboard
    • PMC9 Incidents Dashboard
  • PMC10 Status of the Audit System (Folder)
    • PMC10 All McAfee SIEM Events
  • PMC11 Management Reports (Folder)
    • PMC11 Attacks Over Time
    • PMC11 Average Attack Severity with Geo
    • PMC11 Incidents Dashboard
    • PMC11 Top 10 Attack Summary
  • PMC12 Protective Monitoring Activities (Folder)
    • PMC12 All McAfee SIEM Login Events

Required Products

  • McAfee Enterprise Security Manager (ESM) 10.0.x
  • McAfee Advanced Correlation Engine (ACE) 10.0.x

Download Content Pack

Registered ServicePortal users can log in to access the Knowledge Center for further documentation or to download the content pack file manually.

Read Article

Explore

Find other content packs and partner integrations.

See All

Free Trial

Interested in McAfee Enterprise Security Manager?

Register for Free Trial