The McAfee ePO package is to be used in conjunction with the Malware Solution Pack.
Installation instructions are provided within the wiki under the Security Technology Monitoring section.
Note: If you have access to McAfee ePO and are well versed in the product, please reach out to us. I'm looking for help in understanding how to best configure the agents and ePO.
Also, a big thanks to and his team for helping pull this together!
So, my guess, and this seems to be a common problem, is that you didn't put all the contents of the zip file into your console's current directory. If you used 7zip or native Windows extraction, it may have put them in a sub-directory. If so, move the contents up a level, and that should fix it when you run the .bat file again.
Hope this helps,
Yes, you are correct, this is done from your console directory, not from ESM.
The screenshot you added has everything you need. The L1-Malware_Monitoring... bundle contains all the other bundles. The .bat file (script) imports this bundle onto the manager, which includes the other .arb files.
The screenshot also has this path:
C:\arcsight\Console\current\L-1Malware Monitoring - Indicators and Warnings 184.108.40.206
This means you have:
C:\arcsight\Console\current\L-1Malware Monitoring - Indicators and Warnings 220.127.116.11\DO NOT IMPORT VIA CONSOLE.txt, etc.
Move the .bat and .arb files up one directory, then run the .bat file again. It will work.
ok...now this (apologies for the noobie questions):
'bin\arcsight' is not recognized as an internal or external command,
operable program or batch file.
Could Not Find C:\arcsight\Console\current\L1-Perimeter_and_Network_Monitoring_-_Indicators_and_Warn
For anyone else that might be having issues below is the resolution:
- I am using several console versions to connect to several versions of ESM
- Extracted file contents need to be copied into the *\current directory of the console version/installation for the corresponding ESM destination of the package (oh yeah, of course, totally makes sense!)
Thanks for the call, WebEx, and 2nd pair of eyes Prentice!