Visham Rawat

McAfee ePO antivirus threat event logs to RSA SA

Discussion created by Visham Rawat on May 13, 2019
Latest reply on May 14, 2019 by Visham Rawat



I've integrated McAfee ePO 5.9.1 via ODBC to RSA SA. I'm receiving logs as well. However, on closer inspection, what I've noticed is that only ePO administrative event logs are being sent to SA. I'm not receiving the anti-virus threat event logs, which is what I'm actually after.


Any ideas on how to receive ePO threat event logs?


I've added the DB name in the McAfee ePO DSN, and it is this DB that contains all the threat event logs as well. Yet, all I'm receiving are the admin logs.


Need assistance.