Re: P-McAfee_ePO_1.0.0.2.arb - Micro Focus Community

john.petropoulo1 · ‎2015-06-23

The McAfee ePO package is to be used in conjunction with the Malware Solution Pack.

Installation instructions are provided within the wiki under the Security Technology Monitoring section.

Note: If you have access to McAfee ePO and are well versed in the product, please reach out to us. I'm looking for help in understanding how to best configure the agents and ePO.

Also, a big thanks to and his team for helping pull this together!

deathbywedgie1 · ‎2015-06-23

Quick shout to and since any credit deserved here is theirs. All I did was try not to get in the way any more than I had to.

htalbot10 · ‎2015-06-24

All, thanks for the arb, this is very timely and and really great that Activate is getting traction.

MaryCordova · ‎2015-07-16

Is there a wiki page or other doc for end device configuration?

MaryCordova · ‎2015-07-16

DOH:

"Installation instructions are provided within the wiki under the Security Technology Monitoring section."

john.petropoulo1 · ‎2015-07-16

But I am missing end device configuration. Need some help from a few experts!

Sent from my iPhone

MaryCordova · ‎2015-07-31

Here's a doc to help if you dont have it already:

MaryCordova · ‎2015-08-04

Error while installing Malware dependency package :

Could Not Find C:\arcsight\Console\current\L1-Malware Monitoring - Indicators adn Warnings 1.0.0.5\L

1-Perimeter_and_Network_Monitoring_-_Indicators_and_Warnings_-_Customizations_*.arb

Any help?

prentice@hpe.co · ‎2015-08-04

Hey,

So, my guess, and this seems to be a common problem, is that you didn't put all the contents of the zip file into your console's current directory. If you used 7zip or native Windows extraction, it may have put them in a sub-directory. If so, move the contents up a level, and that should fix it when you run the .bat file again.

Hope this helps,

--

Prentice

prentice@hpe.co · ‎2015-08-04

Hey Mary,

Yes, you are correct, this is done from your console directory, not from ESM.

The screenshot you added has everything you need. The L1-Malware_Monitoring... bundle contains all the other bundles. The .bat file (script) imports this bundle onto the manager, which includes the other .arb files.

The screenshot also has this path:

C:\arcsight\Console\current\L-1Malware Monitoring - Indicators and Warnings 1.0.0.5

This means you have:

C:\arcsight\Console\current\L-1Malware Monitoring - Indicators and Warnings 1.0.0.5\DO NOT IMPORT VIA CONSOLE.txt, etc.

Move the .bat and .arb files up one directory, then run the .bat file again. It will work.

MaryCordova · ‎2015-08-04

ok...now this (apologies for the noobie questions):

'bin\arcsight' is not recognized as an internal or external command,

operable program or batch file.

Could Not Find C:\arcsight\Console\current\L1-Perimeter_and_Network_Monitoring_-_Indicators_and_Warn

ings_-_Customizations_*.arb

MaryCordova · ‎2015-08-04

For anyone else that might be having issues below is the resolution:

I am using several console versions to connect to several versions of ESM
Extracted file contents need to be copied into the *\current directory of the console version/installation for the corresponding ESM destination of the package (oh yeah, of course, totally makes sense!)

Thanks for the call, WebEx, and 2nd pair of eyes Prentice!