Get a DemoStart Free TrialSign In

McAfee Epolicy Orchestrator

Ship McAfee EPO Logs to Logstash

McAfee Epolicy Orchestrator

Send Your DataLogsApplicationsMcAfee Epolicy Orchestrator Guide

Follow this step by step guide to get 'logs' from your system to

Step 1 - Set up syslog server output

Locate the registered servers page (under configuration) in McAfee Epolicy Orchestrator.

Registered servers page

Now change the server type to syslog server and enter a suitable name for the connection, now hit next.

Change server to syslog server

Press next and you'll be presented with an option for the syslog server and syslog port.

Enter your Logstash endpoint address your-logstash-host and syslog-ssl port number your-ssl-port

Enter logstash endpoint

Once you have entered the details you can test the connection using the button on screen.

Connect to server

Step 2 - Check for your logs

Now you should view your data:

View my data

If you don't see logs take a look at How to diagnose no data in Stack below for how to diagnose common issues.

Step 3 - how to diagnose no data in Stack

If you don't see data appearing in your Stack after following the steps, visit the Help Centre guide for steps to diagnose no data appearing in your Stack or Chat to support now.

Return to Search
Sign Up

© 2023 Ltd, All rights reserved.