P-McAfee_ePO_1.0.0.2.arb - Page 2 - Micro Focus Community

MaryCordova · ‎2015-08-04

Woot! Successful install of package

Thanks Prentice!

MaryCordova · ‎2015-10-01

Is there supposed to be a parser override for this?

MaryCordova · ‎2015-12-03

- can you send me the parser override for this?

prentice@hpe.co · ‎2015-12-21

Hey,

I don't think there is a parser override for this. Perhaps knows, but I think if there was one, he would have posted it.

MaryCordova · ‎2016-02-03

So I believe there is definitely supposed to be a parser override. Below is a screenshot from the wiki documentation:

Also, parsed events don't contain a target or attacker hostname but the raw events have that information in their schema as agenthostname. Raw events also have the username which is not available in parsed events as well as some other pieces of data.

/ / do any of you have this parser?

deathbywedgie1 · ‎2016-02-04

Sorry, that one isn't ringing a bell at the moment.

MaryCordova · ‎2016-02-04

/ deathbywedgie / chrisb / awmorris

OMG...the parser is attached to the WIKI...THAT IS A LINK!!!

Re: P-McAfee_ePO_1.0.0.2.arb

Re: P-McAfee_ePO_1.0.0.2.arb

Re: P-McAfee_ePO_1.0.0.2.arb

Re: P-McAfee_ePO_1.0.0.2.arb

Re: P-McAfee_ePO_1.0.0.2.arb

Re: P-McAfee_ePO_1.0.0.2.arb

Re: P-McAfee_ePO_1.0.0.2.arb