McAfee EPOCDE-AA-BA Product Guide - Page 215
Determining which events are forwarded immediately, Determining which events are forwarded
View all McAfee EPOCDE-AA-BA manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 215 highlights
Responding to events in your network Determining how events are forwarded 18 If you choose to send events immediately (as set by default), the agent forwards all events as soon as they are received. The default interval for processing event notifications is one minute. As a result, there might be a delay before events are processed. You can change the default interval in the Event Notifications server settings (Menu | Configuration | Server). If you choose not to have all events sent immediately, the agent forwards immediately only events that are designated by the issuing product as high priority. Other events are sent only at the agent-server communication. Tasks • Determining which events are forwarded immediately on page 215 Use this task to determine whether events are forwarded immediately or only at the agent-to-server communication interval. • Determining which events are forwarded on page 215 Use this task to determine which events are forwarded to the server. Determining which events are forwarded immediately Use this task to determine whether events are forwarded immediately or only at the agent-to-server communication interval. If the currently applied policy is not set for immediate uploading of events, either edit the currently applied policy or create a new McAfee Agent policy. This setting is configured on the Threat Event Log page. For option definitions click ? in the interface. Task 1 Click Menu | Policy | Policy Catalog, then select Product as McAfee Agent and Category as General. 2 Click on an existing agent policy. 3 On the Events tab, select Enable priority event forwarding. 4 Select the event severity. Events of the selected severity (and greater) are forwarded immediately to the server. 5 To regulate traffic, type an Interval between uploads (in minutes). 6 To regulate traffic size, type the Maximum number of events per upload. 7 Click Save. Determining which events are forwarded Use this task to determine which events are forwarded to the server. For option definitions click ? in the interface. Task 1 Click Menu | Configuration | Server Settings, select Event Filtering, then click Edit. 2 Select the desired events, then click Save. These settings take effect once all agents have called in. McAfee® ePolicy Orchestrator® 4.6.0 Software Product Guide 215