アクセス保護イベントは ePO では使用できません
Last Modified: 2022-05-02 13:17:48 Etc/GMT
Disclaimer
Affected Products
Languages:
This article is available in the following languages:
Trellix CEO, Bryan Palma, explains the critical need for security that’s always learning.
As per Gartner, "XDR is an emerging technology that can offer improved threat prevention, detection and response."
Trellix announced the establishment of the Trellix Advanced Research Center to advance global threat intelligence.
Trellix Advanced Research Center analyzes threat data on ransomware, nation-states, sectors, vectors, LotL, MITRE ATT&CK techniques, and emails.
As of May 14, 2024, Knowledge Base (KB) articles will only be published and updated in our new Trellix Thrive Knowledge space.
Log in to the Thrive Portal using your OKTA credentials and start searching the new space. Legacy KB IDs are indexed and you will be able to find them easily just by typing the legacy KB ID.
アクセス保護イベントは ePO では使用できません
Technical Articles ID:
KB87149
Last Modified: 2022-05-02 13:17:48 Etc/GMT EnvironmentMcAfee Endpoint Security (ENS) Threat Prevention 10.x
McAfee ePolicy Orchestrator (ePO) 5.x Problemアクセス保護イベントがローカルでログに記録され、クライアントシステムで発生していることが確認されているにもかかわらず、ePO ではアクセス保護イベントを利用できません。
Causeイベント生成用の ENS ポリシーの既定の構成と Event Filtering 用の McAfee Agent の構成では、アクセス保護イベントが抑制または除外され、ePO サーバーに到達しないようになっている可能性があります。 このような場合:
Solution 1すべてのイベントを送信するには、Endpoint Security Common ポリシーを変更します:
Solution 2Event ID 1092 と 1095 を送信するには、Event Filtering 用の McAfee Agent 構成を変更します。
DisclaimerThe content of this article originated in English. If there are differences between the English content and its translation, the English content is always the most accurate. Some of this content has been provided using Machine Translation translated by Microsoft.
Affected ProductsLanguages:This article is available in the following languages: |
|