Intel Security


McAfee is a leader in the Gartner Magic Quadrant for SIEM

Read Report

Reduce compliance costs with automated log collection, storage, and management

McAfee Enterprise Log Manager collects, compresses, signs, and stores all original events with a clear audit trail of activity that can’t be repudiated.

  • Universal event log collection and retention meets compliance requirements.
  • Flexible storage and retention appropriate to each log source.
  • Supports chain of custody and forensics.
  • Provides event log management, analysis, and search functions.
  • Stores logs locally or via a managed storage area network.
  • Fully integrated with McAfee Enterprise Security Manager.
  • Flexible, hybrid delivery options include physical and virtual appliances.
Download Data Sheet Free Trial

Automate event log management and analysis

Intelligent event log management

McAfee Enterprise Log Manager collects logs intelligently, storing the right logs for compliance, and parsing and analyzing the right logs for security.

Meet compliance log retention requirements

Collect, sign, and store any log type in its original format to support specific compliance needs. Unaltered original log files support chain of custody and non-repudiation efforts.

Store logs locally or via a managed SAN

Customizable storage pools ensure logs are stored correctly, for the right amount of time. Choose from flexible storage options, including HDD appliance storage, and optional DAS and SAN storage.

Rich context for analysis

McAfee Enterprise Log Manager is an optional, integrated component of McAfee Enterprise Security Manager. Together, they provide context to every log, delivering critical information for security investigations and incident response.

McAfee rated in Gartner Critical Capabilities for SIEM

Read Report
ESG SC Magazine Gartner

Product Reviews

Leading independent analysts have evaluated the features and performance of McAfee SIEM solutions.

Understanding Cyberthreat Motivations to Improve Defense

Understanding Cyberthreat Motivations to Improve Defense

Learn the different motivations of an attacker so you can successfully defend from threats and implement controls tailored to each type of attack for greatest efficiency.

Download Infographic Read White Paper


System Requirements

McAfee Enterprise Log Manager can be deployed as a physical or virtual appliance. Specific McAfee Enterprise Log Manager models require McAfee Enterprise Security Manager (ESM) and McAfee Event Receiver (ERC). McAfee SIEM appliance specifications and descriptions are provided for information only, subject to change without notice, and provided without warranty of any kind, expressed or implied.

Model Number Maximum EPS1 Appliance Size Local Storage2 Network Interfaces (10/100/1000) System Requirements
ELM-VM-8 1,500 VM Recommended 250GB VM (AWS, ESX, KVM) 8 processor cores, 4GB of memory
ELM-VM-12 30,000 VM Recommended 500GB+240GB SSD3 VM (AWS, ESX, KVM) 12 processor cores, 64GB of memory
ELM-VM-32 70,000 VM Recommended 2TB+480GB SSD3 VM (AWS, ESX, KVM) 32 processor cores, 96GB of memory
ELM-4600 48,000 2U 1.8TB 24 Requires ESM and ERC
ELM-5600 60,000 2U 8TB + 240GB SSD 24 Requires ESM and ERC
ELM-6000 90,000 2U 14TB + 240GB SSD 24 Requires ESM and ERC

1Based on typical network environments using average event and flow aggregation. Depending on aggregation settings, collection type mix, overall SIEM activity, and related activities, the EPS levels for any given appliance, within an environment, may be lower.
2Usable event and flow data storage capacity will vary by customer event types, event rates, software version, and other factors.
3Minimum 50K IOPS for SSD; additional storage should be a minimum of 100 IOPS.
4IPMI: Please note that all McAfee SIEM appliances, except DAS-50 and DAS-100, have IPMI adapters; for ERC HA, IPMI is used for the HA configuration.

Need additional technical resources? Visit the McAfee Expert Center

McAfee SIEM-Integrated Partners

Many organizations deploy security products from multiple vendors that do not interact with each other. In today’s fast evolving threat landscape, this not only increases operational costs, it increases risk. Evolving security challenges require open, collaborative approaches to detect threats, reduce risk, and ensure compliance. Below is a selection of Security Innovation Alliance partners with McAfee SIEM integrated solutions that allow you to resolve more threats faster with fewer resources.

Automation & Orchestration

User & Entity Behavior Analytics

Authentication & Encryption

Application & Database Security

Incident Response & Forensics

See All SIEM-Integrated Partners