McAfee Epolicy Orchestrator

Ship McAfee EPO Logs to Logstash

Send Your Data Logs ApplicationsMcAfee Epolicy Orchestrator Guide

Follow this step by step guide to get 'logs' from your system to Logit.io:

Step 1 - Set up syslog server output

Locate the registered servers page (under configuration) in McAfee Epolicy Orchestrator.

Registered servers page

Now change the server type to syslog server and enter a suitable name for the connection, now hit next.

Change server to syslog server

Press next and you'll be presented with an option for the syslog server and syslog port.

Enter your Logstash endpoint address your-logstash-host and syslog-ssl port number your-ssl-port

Enter logstash endpoint

Once you have entered the details you can test the connection using the button on screen.

Connect to server

Step 2 - Check Logit.io for your logs

Now you should view your data:

Launch Dashboard

If you don't see logs take a look at How to diagnose no data in Stack below for how to diagnose common issues.

Step 3 - how to diagnose no data in Stack

If you don't see data appearing in your Stack after following the steps, visit the Help Centre guide for steps to diagnose no data appearing in your Stack or Chat to support now.

Logging

Metrics

Observability

Features

Grafana Demo

Prometheus as a Service

ELK as a Service

Monitoring

Logging

Compliance and Auditing

Analysis

Platform-Specific Logging

CMMC Solution

CMMC For Small & Medium Sized Enterprises

Compliance For Higher Education

Observability For Manufacturers

Logging for Retailers

Source Integrations

Platform Status

Help Centre

Blog

Integrations

Why Logit?

Security

Consultancy

Partners

Legal

McAfee Epolicy Orchestrator

Step 1 - Set up syslog server output

Step 2 - Check Logit.io for your logs

Step 3 - how to diagnose no data in Stack