McAfee EPOCDE-AA-BA Product Guide - Page 220
Importing .MIB files, Working with registered executables and external commands
View all McAfee EPOCDE-AA-BA manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 220 highlights
18 220 Responding to events in your network Configuring Automatic Responses Task 1 Click Menu | Configuration | Registered Servers. 2 From the list of registered servers, select the desired SNMP server, then click Actions | Delete. 3 When prompted, click Yes. The SNMP server is removed from the Registered Servers list. Importing .MIB files Use this task when setting up rules to send notification messages to an SNMP server via an SNMP trap. You must import three .mib files from \Program Files\McAfee\ePolicy Orchestrator\MIB. The files must be imported in the following order: 1 NAI-MIB.mib 2 TVD-MIB.mib 3 EPO-MIB.mib These files allow your network management program to decode the data in the SNMP traps into meaningful text. The EPO-MIB.mib file depends on the other two files to define the following traps: • epoThreatEvent - This trap is sent when an Automatic Response for an McAfee ePO Threat Event is triggered. It contains variables that match properties of the Threat event. • epoStatusEvent - This trap is sent when an Automatic Response for an McAfee ePO Status Event is triggered. It contains variables that match the properties of a (Server) Status event. • epoClientStatusEvent - This trap is sent when an Automatic Response for an McAfee ePO Client Status Event is triggered. It contains variables that match the properties of the Client Status event. • rsdAddDetectedSystemEvent - This trap is sent when an Automatic Response for a Rogue System Detected event is triggered. It contains variables that match the properties of the Rogue System Detected event. • epoTestEvent - This is a test trap that is sent when you click Send Test Trap in the New SNMP Server or Edit SNMP Server pages. For instructions on importing and implementing .mib files, see the product documentation for your network management program. Working with registered executables and external commands Use these tasks when working with registered executables and external commands. You can configure automatic response rules to run an external command when the rule is initiated. Tasks • Adding registered executables on page 221 Use this task to add registered executables to your available resources. You can run external command action by providing the registered executables and their arguments. • Editing registered executables on page 221 Use this task to edit an existing registered executable entry. • Deleting registered executables on page 221 Use this task to delete a registered executable entry. • Duplicating registered executables on page 221 Use this task to duplicate a registered executables to your available resources. McAfee® ePolicy Orchestrator® 4.6.0 Software Product Guide