Splunk® Supported Add-ons

Splunk Add-on for McAfee NSP

Source types for the Splunk Add--on for McAfee NSP

The Splunk Add-on for McAfee NSP supports the following data sources with the following collection methods and provides the following source type, event types, and CIM mappings.

Source type Source Event type CIM data models
mcafee:nsp mcafee:nsp:alert mcafee_nsp_alert_log Intrusion Detection
mcafee:nsp:audit mcafee_nsp_audit_log Change
mcafee:nsp:firewall mcafee_nsp_firewall_log Network Traffic
mcafee:nsp:fault mcafee_nsp_fault_log Alerts
Last modified on 11 May, 2023
Lookups for the Splunk Add-on for McAfee NSP   Release notes for the Splunk Add-on for McAfee NSP

This documentation applies to the following versions of Splunk® Supported Add-ons: released


Was this topic useful?







You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters