Splunk Add-on for McAfee
|Vendor Products||McAfee ePO v5 VirusScan, Network Security Platform (Intrushield)|
|Visible in Splunk Web||No. This add-on does not contain any views.|
McAfee ePO v4 is not supported by the latest version of Splunk add-on for McAfee.
The Splunk Add-on for McAfee allows a Splunk software administrator to collect antivirus information and vulnerability scan reports. You can directly analyze the McAfee data or use it as a contextual data feed to correlate with other security data in the Splunk platform. This add-on provides the inputs and CIM-compatible knowledge to use with other Splunk apps, such as Splunk Enterprise Security and the Splunk App for PCI Compliance.
The DB Connect add-on is required to manage database connectivity. You must install and configure it before you can use this add-on to collect data from an ePolicy Orchestrator installation.
Download the Splunk Add-on for McAfee from Splunkbase.
For a summary of new features, fixed issues, and known issues, see Release Notes for the Splunk Add-on for McAfee.
For information about installing and configuring the Splunk Add-on for McAfee, see Installation overview for the Splunk Add-on for McAfee.
See Questions related to Splunk Add-on for McAfee on Splunk Answers.
Source types for the Splunk Add-on for McAfee
This documentation applies to the following versions of Splunk® Supported Add-ons: released