Go to Settings >> Knowledge Base >> Dashboards.
Select Vendor Dashboard.
Click Add.
Adding the McAfee EPO Dashboard¶
Click Choose Repos.
Selecting Repos¶
Select the repo and click Done.
Click Ok.
Confirmation for Repo¶
You can find the McAfee EPO dashboards under Dashboards.
McAfee EPO Dashboard¶
McAfee EPO Dashboard¶
Widgets available in LP_McAfee IPS provide:
Widgets |
Description |
|---|---|
Top 10 Attack Type |
An overview of the top 10 virus or trojan attacks detected by McAfee IPS. |
Top 10 Inbound Attacking Source |
An overview of the top 10 inbound source addresses from which attacks are detected by McAfee IPS. |
Top 10 Destination Most Targeted |
An overview of the top 10 most targeted destination addresses detected by McAfee IPS. |
Top Destination Ports |
An overview of the top destination ports. |
Attack Summary |
A detailed overview of the attacks by source address, destination address, direction, protocol, event, and status detected by McAfee IPS. |
Top Protocol Detected |
An overview of protocols detected by McAfee IPS. |
Top High and Medium Severity Attack |
An overview of the attacks with high and medium severity detected by McAfee IPS. |
Inbound Attack Detection Timeline |
A timeline of inbound attacks detected by McAfee IPS. |
Outbound Attack Detection Timeline |
A timeline of inbound attacks detected by McAfee IPS. |
Top 10 Outbound Attacking Source |
An overview of the top 10 outbound source addresses detected in attacks by McAfee IPS. |
Attack Origin Countries |
An overview of the top countries from where inbound attacks originated detected by McAfee IPS. |
Widgets available in LP_McAfee Antivirus Overview provide:
Widgets
Description
Severities - Timetrend
A time trend of attack severity (high, medium, or low) detected by McAfee EPO Antivirus.
Top 10 Categories
An overview of the top 10 categories detected by McAfee EPO Antivirus.
Top 10 Threats
An overview of the top 10 threats detected by McAfee EPO Antivirus.
Top 10 Attacking Sources
An overview of the top 10 hosts involved in attacks detected by McAfee EPO Antivirus.
Top 10 Attacked Destinations
An overview of the top 10 hosts involved in attacks detected by McAfee EPO Antivirus.
Events - Timetrend
A time trend of attack categories detected by McAfee EPO Antivirus.
Scan Status - Timetrend
A time trend of scan status like failed or successful detected by McAfee EPO Antivirus.
Updates - List
An overview of application updates detected by McAfee EPO Antivirus.
Threats - Timetrend
A time trend of threats detected by McAfee EPO Antivirus.
Failed updates by Operating System
An overview of failed application updates with the event ID 1119 detected by McAfee EPO Antivirus.
Overview of seen Operating Systems and Service Packs
An overview of the Operating Systems and service packs by host detected by McAfee EPO Antivirus.
Widgets available in LP_McAfee Antivirus Activity provide:
Widgets |
Description |
|---|---|
Top 10 Infection Sources |
An overview of the top 10 infectious sources such as virus or trojans detected by McAfee EPO Antivirus. |
Files Deleted - List |
An overview of files deleted by McAfee EPO Antivirus.” |
Top 10 Detection Method |
An overview of a detection method (such as FILE_UNSOLIDIFIED event for files deleted during Update mode) detected by McAfee EPO Antivirus.” |
Top 10 Attacked Operating Systems |
An overview of the top 10 operating systems that were attacked detected by McAfee EPO Antivirus. |
Firewall Detection - Timetrend |
A time trend of firewall events detected by McAfee EPO Antivirus. |
Blocked Process - Timetrend |
A time trend of processes blocked by McAfee EPO Antivirus. |
Firewall Detection - List |
A detailed list of firewall events detected by McAfee EPO Antivirus based on the log timestamp, caller user, user, source address, destination address, caller domain, domain, host, and event. |
Blocked Process - List |
A detailed list of processes blocked by McAfee EPO Antivirus. |
Threats - Timetrend |
A time trend of threats detected by McAfee EPO Antivirus. |
Trojan Activities - List |
A detailed list of activities performed by a trojan on files and host detected by McAfee EPO Antivirus. |
Virus Activities - List |
A detailed list of viruses’ activities on files and hosts detected by McAfee EPO Antivirus. |
Access Protection Activities - List |
A detailed list of access protection-related events detected by McAfee EPO Antivirus. |
The labels available in LP_McAfee EPO Antivirus DB are:
Event ID/Action |
Labels |
|---|---|
1000 |
Service,Start,Successful |
1001 |
Service,End,Successful |
1002 |
Task,Start,Successful |
1003 |
Task,Start,Error |
1004 |
Task,Complete,Successful |
1005 |
Error,Task,Stop |
1024 |
File,Infection,Find |
1025 |
File,Infection,Clean |
1026 |
File,Infection,Clean,Fail |
1027 |
File,Infection,Delete |
1028 |
File,Infection,Delete,Fail |
1029 |
File,Scan,Exclude |
1030 |
File,Scan,Exclude,Fail |
1031 |
File,Access,Deny,Infection |
1032 |
File,Infection,Quarantine |
1033 |
File,Infection,Quarantine,Fail |
1034 |
Scan,Complete,Virus,Not,Find |
1035 |
Scan,Cancel |
1036 |
Memory,Infection |
1037 |
Infection,Boot,Record,Find |
1038 |
Scan,Find,Infection,File |
1039 |
Scan,Clean,Infection,File |
1040 |
Activity,Log,Error |
1041 |
Memory,Allocation,Error |
1043 |
Media,Right,Protection |
1044 |
Specific,Media,Find,Error |
1045 |
Specific,Scan,Invalid |
1046 |
File,Input,Output,Error |
1047 |
Disk,Input,Output,Error |
1048 |
General,System,Error |
1049 |
Internal,Application,Error |
1050 |
Password,Protection,Repair,Fail |
1051 |
Password,Protection,Scan,Fail |
1052 |
Object,Infection |
1053 |
Infection,File,Find |
1054 |
Infection,File,Delete |
1055 |
Infection,File,Delete,Fail |
1056 |
File,Infection,Quarantine |
1057 |
File,Infection,Quarantine,Fail |
1059 |
Scan,Timeout |
1060 |
Bootsector,Virus,Clean |
1061 |
Bootsector,Virus,Clean,Error |
1062 |
Send,Alert,Error |
1063 |
Invalid |
1064 |
Service,Start |
1065 |
Service,End |
1066 |
Task,Successful,Start |
1067 |
Schedule,Task,Start,Fail |
1068 |
Schedule,Task,Stop |
1069 |
Schedule,Task,Stop,Error |
1070 |
Task,Successful |
1071 |
Task,Cancel |
1076 |
Error,Logging,Information |
1077 |
Memory,Allocation,Error |
1086 |
Scan,Process,Error |
1087 |
Access,Scan,Start |
1088 |
Access,Scan,Stop |
1270 |
File,Infection |
1271 |
File,Infection |
1272 |
File,Infection |
1273 |
File,Infection |
1274 |
File,Infection |
1275 |
File,Infection |
1276 |
File,Infection |
1277 |
File,Infection |
1278 |
File,Infection |
1279 |
File,Infection |
1280 |
File,Infection |
1281 |
File,Infection |
1282 |
File,Infection |
1283 |
File,Infection |
1284 |
File,Infection |
1285 |
File,Infection |
1286 |
File,Infection |
1287 |
File,Infection |
1288 |
File,Infection |
1289 |
File,Infection |
1290 |
File,Infection |
1291 |
File,Infection |
1292 |
File,Infection |
1299 |
File,Infection |
1808 |
Exception,Find,Quarantine |
1809 |
Exception,Find,Ignore |
1810 |
Quarantine,Exception |
1807 |
Infection,File,Ignore |
1811 |
Exception,Find,Ignore |
1812 |
Quarantine,Content,Exception |
1813 |
Content,Exception,Find,Ignore |
1814 |
Configuration,Database,Read,Fail |
1815 |
Configuration,Database,Write,Fail |
1816 |
Update,Fail,Restart,Task |
1817 |
Update,Fail |
1900 |
New,File,Available |
2000 |
Find,Infection,File |
2001 |
Infection,File,Clean,Successful |
2002 |
Infection,File,Clean,Fail |
2003 |
Infection,File,Delete |
2004 |
Infection,File,Delete,Fail |
2005 |
File,Scan,Exclude |
2006 |
File,Scan,Exclude,Fail |
2007 |
Infection,File,Access,Deny |
2008 |
Infection,File,Quarantine |
2009 |
Infection,File,Quarantine,Fail |
2010 |
Infection,File,Find,Alert |
2216 |
Fail,Install,Application,OS,Version,Mismatch |
2264 |
Property,Collect,Fail |
8503 |
Spam,Criteria,Match |
8502 |
Match,Filter,Criteria |
12000 |
Sensor,Start,Successful |
12001 |
Sensor,Start,Fail |
12002 |
Sensor,Stop |
13002 |
Compliance,Profile,Rule,Violation |
16002 |
Repository,Update,Success |
16003 |
Repository,Update,Fail |
16004 |
Repository,Replication,Success |
21281 |
Unknown,Program,Encrypt,Delete |
21282 |
Unknown,Program,Delete,Fail |
21283 |
Unknown,Program,Delete,Fail |
21284 |
Unwanted,Program,Clean,Error,Delete,Fail |
21285 |
Unwanted,Program,Encrypt,Delete,Fail |
21286 |
Unwanted,Program |
16005 |
Repository,Replication,Fail |
16006 |
New,System,Detect |
16014 |
Event,Table,Full |
18000 |
Handle,Host,Intrusion,Detect |
16018 |
Import,Computer,Task,Add,Entry |
16023 |
Domain,Synchronization,Task,Remove,Computer,Entry |
1713 |
Scan,Start |
1714 |
Scan,Complete |
1801 |
Task,Start,Error |
1802 |
Task,Complete |
3005 |
Task,Find,Infection,File,Clean |
3007 |
Memory,Allocation,Error |
3016 |
Service,Manager,Open,Error |
3019 |
Driver,Version,Find,Error |
3029 |
Driver,Enable,Error |
3031 |
Driver,Data,Error |
3038 |
Log,Write,Error |
3041 |
Memory,Virus,Find,Alert |
3048 |
Media,Write,Protection,Alert |
3051 |
File,Input,Output,Error,Alert |
3052 |
Disk,Input,Output,Error,Alert |
21290 |
Unwanted,Program,Access,Deny |
21291 |
Unwanted,Program,Access,Deny |
16017 |
Computer,Task,Import,Fail |
16020 |
Computer,Task,Import,Fail |
1294 |
File,Infection,Delete,Fail |
1712 |
Internal,Error,Occur |
1715 |
Engine,Stop |
1716 |
Engine,Start |
1717 |
Update,Fail |
1718 |
Update,Start |
1719 |
Update,Not,Available |
1720 |
Update,Successful |
1721 |
Disk,Storage,Low |
1722 |
File,Infection |
1800 |
Task,Successful,Start |
1803 |
Task,Stop,Error |
1804 |
Virus,Find,Clean |
1805 |
File,Infection,Successful,Quarantine |
1806 |
File,Infection,Detect |
3001 |
Scan,Cancel |
3002 |
Memory,Virus,Find |
3003 |
Boot,Record,Infection,Find |
3004 |
Task,Find,Infection,File |
3006 |
Access,Log,File,Task,Error |
3008 |
Directory,Length,Access,Error |
3009 |
Media,Write,Protection |
3010 |
Specific,Media,Not,Find |
3011 |
Specific,Scan,File,Invalid |
3012 |
File,Input,Output,Error |
3013 |
Disk,Input,Output,Error |
3014 |
General,System,Error |
3015 |
Internal,Application,Error |
3017 |
Driver,Start,Error |
3018 |
Log,Subsystem,Start,Error |
3020 |
Virus,Signature,File,Invalid |
3021 |
Scan,Engine,Error |
3022 |
Scan,Buffer,Initialization,Error |
3023 |
Memory,Allocation,Error |
3024 |
Report,Unknown,Error |
3026 |
Exclude,Driver,Information,Send,Error |
3027 |
Driver,Folder,Move,Error |
3028 |
Device,Driver,Long,Data,Error |
3030 |
Driver,Disable,Error |
3032 |
Activity,Log,File,Open,Create,Error |
3033 |
Activity,Log,File,Maximum,Size |
3034 |
Activity,Log,File,Write,Error |
3036 |
Activity,Log,File,Initialization,Error |
3037 |
Memory,Unavailable |
3039 |
Scan,Complete,Alert |
3040 |
Scan,Cancel,Alert |
3042 |
Boot,Record,Infection,Find,Alert |
3043 |
Scan,Find,Infection,File,Alert |
3044 |
Scan,Find,Clean,Infection,File,Alert |
3045 |
Activity,Log,File,Access,Error,Alert |
3046 |
Memory,Allocation,Error,Alert |
3049 |
Specific,Media,Not,Find,Alert |
3047 |
Directory,Length,Access,Error,Length |
3050 |
Specific,Scan,Invalid,Error |
3053 |
General,System,Error,Alert |
3054 |
Internal,Application,Error,Alert |
3055 |
Driver,Stop,Error |
4650 |
Spam,Email,Detect |
4651 |
Spam,Email,Scan |
8000 |
Infection,Find |
21280 |
Unwanted,Program,Delete,Clean,Error |
21288 |
Unwanted,Program,Clean,Error |
21289 |
Unwanted,Program,Encrypt |
21292 |
Unwanted,Program,Access,Deny,Clean,Error |
21293 |
Unwanted,Program,Delete,Successful |
21294 |
Unwanted,Program,Delete,Fail |
21295 |
Unwanted,Program,Quarantine,Fail |
21296 |
Unwanted,Program,Quarantine,Fail,Access,Deny |
21297 |
Unwanted,Program,Delete,Fail |
21298 |
Unwanted,Program,Delete,Fail |
21299 |
Unwanted,Program,Delete,Fail |
21300 |
Unwanted,Program,Delete,Fail,Access,Deny |
21400 |
User,Specific,Unwanted,Program,Find |
21401 |
User,Specific,Unwanted,Program,Clean,Error |
21402 |
User,Specific,Unwanted,Program,Clean,Error,Quarantine,Fail |
21403 |
User,Specific,Unwanted,Program,Clean,Error,Quarantine,Successful |
21404 |
User,Specific,Unwanted,Program,Clean,Error,Delete,Fail |
21405 |
User,Specific,Unwanted,Program,Clean,Error,Delete,Successful |
21406 |
User,Specific,Unwanted,Program,Quarantine,Successful |
21407 |
User,Specific,Unwanted,Program,Delete,Fail |
21408 |
User,Specific,Unwanted,Program,Delete,Successful |
21409 |
User,Specific,Unwanted,Program,Quarantine,Fail |
21410 |
User,Specific,Unwanted,Program,Delete,Successful |
21411 |
User,Specific,Unwanted,Program,Delete,Fail |
21412 |
User,Specific,Unwanted,Program,Delete,Fail |
21413 |
User,Specific,Unwanted,Program,Delete,Fail |
11001 |
Application,Block |
16013 |
Active,Directory,Task,Remove,Computer,Entry |
16009 |
Active,Directory,Task,Fail |
16008 |
Active,Directory,Task,Run,Success |
16012 |
Active,Directory,Task,Add,Computer,Entry |
16021 |
Domain,Synchronization,Task,Success |
16024 |
Domain,Synchronization,Task,Fail |
16019 |
Import,Computer,Task,Remove,Entry |
1293 |
File,Infection,Delete,Successful |
1711 |
Schedule,Scan,Start,Fail |
3000 |
Scan,Complete |
21279 |
Unwanted,Program,Delete |
1710 |
Schedule,Scan,Complete |
2413 |
Agent,Remove,Attempt |
21278 |
Unwanted,Program,Delete |
1708 |
Schedule,Scan,Start |
1709 |
Schedule,Event,Scan,Start |
2411 |
Deploy,Successful |
2412 |
Deploy,Fail |
21277 |
Unwanted,Program,Encrypt,Quarantine,Fail |
1298 |
File,Infection,Delete,Fail |
1706 |
Infection,File,Successful,Clean |
1707 |
Infection,File,Quarantine |
21275 |
Unwanted,Program,Quarantine,Fail |
21276 |
Unwanted,Program,Quarantine,Fail,Clean,Error |
1200 |
Process,Start |
1201 |
Process,End |
1202 |
Scan,Start |
1297 |
File,Infection,Delete,Fail |
1703 |
Message,Infection |
1704 |
Message,Block |
1705 |
Find,Infection,File |
2028 |
Virus,Find |
2201 |
Application,Package,Install,Fail |
2202 |
Application,Package,Install,Limit,Reach |
2204 |
Application,Package,Install,Fail,Disk,Storage,Low |
2208 |
Application,Download,Fail,Disk,Storage,Low |
21273 |
Unwanted,Program,Quarantine,Successful,Encrypt |
21274 |
Unwanted,Program,Quarantine,Successful |
1095 |
Access,Protection,Rule,Violation,Detect,Not,Block |
1127 |
Scan,Engine,Disable |
1128 |
Scan,Time,Exceed |
1129 |
Windows,Shutdown,Scan |
1700 |
Service,Successful,Start |
1701 |
Service,Successful,End |
1702 |
File,Copy,Block |
2025 |
New,File,Virus,Find,Move,Fail |
2026 |
New,File,Virus,Find,Move |
2027 |
New,File,Virus,Find,Move,Fail |
21270 |
Unwanted,Program,Quarantine,Successful |
21271 |
Unwanted,Program,Quarantine,Successful |
21272 |
Unwanted,Program,Quarantine,Successful |
1125 |
DAT,Version,Not,New |
1126 |
Autoupdate,DAT,File,Cancel,Scan |
1514 |
Mail,Virus,Not,Clean |
2023 |
New,File,Virus,Find |
2024 |
New,File,Virus,Find,Delete |
21056 |
Unwanted,Program,Quarantine,Successful |
21057 |
Unwanted,Program,Quarantine,Fail |
1121 |
Update,Cancel |
1122 |
Update,Run |
1123 |
Update,Fail |
1124 |
Update,Cancel |
1509 |
Successful,Start,Request |
1511 |
Abnormal,Terminate,Warning |
1512 |
Maximum,Load,Occur |
1513 |
Mail,Virus,Clean |
2020 |
Boot,Record,Infection,Find |
2021 |
Boot,Record,Infection,Clean |
2022 |
Boot,Record,Infection,Clean,Error |
21036 |
Unwanted,Memory,Program,Find |
21054 |
Unwanted,Program,Delete,Successful |
21055 |
Unwanted,Program,Delete,Fail |
1119 |
Update,Fail |
1120 |
Update,Run |
1510 |
Successful,Shutdown,Request |
2018 |
Infection,File,Quarantine,Alert |
2019 |
Infection,File,Quarantine,Fail,Alert |
21032 |
Unwanted,Program,Quarantine,Successful |
21033 |
Unwanted,Program,Quarantine,Fail |
1100 |
Micro,Detect,File |
1101 |
Micro,Detect,File |
1118 |
Update,Successful |
1505 |
Email,Content,Filter |
1506 |
Email,Content,Block |
1507 |
Low,Disk,Suspend,Inbound,Email |
1508 |
Inbound,Mail,Resume |
2015 |
Scan,File,Exclude,Alert |
2016 |
Scan,File,Exclude,Fail,Alert |
2016 |
Scan,File,Exclude,Fail,Alert |
2017 |
Infection,File,Access,Deny,Alert |
21027 |
Unwanted,Program,Delete |
21028 |
Unwanted,Program,Delete,Fail |
21031 |
Unwanted,Program,Access,Deny |
1099 |
Buffer,Overflow,Detect,Not,Block |
1504 |
Infection,Email,Delete |
2013 |
Infection,File,Detect,Alert |
2014 |
Infection,File,Delete,Fail,Alert |
21025 |
Unwanted,Program,Successful,Clean |
21026 |
Unwanted,Program,Clean,Fail |
1503 |
Infection,Email,Detect |
2012 |
Infection,File,Clean,Fail,Alert |
21024 |
Find,Unwanted,Program |
1094 |
Port,Block,Rule,Violation,Detect |
1502 |
Fail,Clean,Infection,Mail |
2402 |
Update,Fail |
2011 |
Infection,File,Clean,Successful,Alert |
18999 |
IPS,Event,Table,Full |
1093 |
Buffer,Overflow,Detect,Block |
1500 |
Clean,Infection,Email |
1501 |
Infection,Email,Quarantine |
2401 |
Update,Successful |
18002 |
Application,Block |
18003 |
Fail,Quarantine,Check |
1089 |
Scan,Setting |
1091 |
JavaScript,Security,Violation,Detect,Block |
1092 |
Access,Protection,Rule,Violation,Detect,Block |
1300 |
File,Infection |
2328 |
Task,Fail |
18001 |
Handle,Network,Intrusion,Detect |
1515 |
Mail, Infection, Virus |
1203 |
Scan, Complete |
3035 |
Program, Error, Virus, Infection |
deleted |
Delete |