ALERT! The community will be read-only on April 19, 8am Pacific as the migration begins. Read more for important details.
ALERT! The community will be read-only on April 19, 8am Pacific as the migration begins.Read more for important details.
Absent Member.
Absent Member.
352 views

McAfee Rogue Sensor Events Not Captured

We are running McAfee ePO 5.1, RSD 4.7, and McAfee Smart Connector is at at version 7.0.7.7279.0.

Just upgraded the connector from 7.01 to 7.07 today (2/20/2015)

The event types on the connector parameters is - virusscan, hdlp, epoproductevents, rsd

Prior to upgrading to RSD 4.7, the RSD events were captured in ESM and Logger.

Post the upgrade to RSD 4.7, the RSD events are not captured in ESM and Logger.

McAfee ePO Console for Detected Systems shows events for today (2/20/2015)

It should be noted that all other event types (virsuscan, hdlp, epoproductevents) are captured in ESM and Logger.

Thoughts?

Thanks

Nick

Labels (3)
0 Likes
1 Reply
Fleet Admiral
Fleet Admiral

Hi Nick,

Before contacting HP ArcSight Support, I would test McAfee ePO DB SmartConnector v7.0.6.7189 because it is the one that support RSD 4.7 for McAfee ePO v5.1. (cf. below)

SmartConnector v7.0.7.7279 is the last one and from my point of view it is not good to upgrade directly to the latest version (only if a specific bug is officially fixed) thus I advice you to downgrade to the previous version.

If it is still the same issue, do not hesitate to contact HP Support. It should work for 7.0.7 too!

Best Regards

Michael

0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.