Skip to main content
McAfee MVISION Cloud

Activity Settings

SSL Terminated Logs

This section allows you to enable Activity Monitoring for Shadow Services (using SSL Terminated Logs).

PREREQUISITE: You must set up SSL termination on your firewall/proxy before you can leverage this feature.

MVISION Cloud allows customers to monitor activities on several shadow services. MVISION Cloud tracks over 21,000 activity signatures of shadow services. So, when customers access shadow cloud services, MVISION Cloud is able to provide administrators with a log of the activities performed on these services.

The activity signatures tracked by MVISION Cloud can be mapped to 14 canonical activity categories. Customers can also add their own activity categories based on their requirements. 

Canonical activity categories include: 

  • Administration
  • Data Access
  • Data Delete
  • Data Download
  • Data Sharing
  • Data Updates
  • Data Upload
  • External Data Sharing
  • Login Failure
  • Login Success
  • Report Execution
  • Service Usage
  • User Account Creation
  • User Account Deletion

After the feature is enabled, it may take up to 36 hours before activity becomes available on the Activity Monitoring page.

Examples of some supported CSPs include: 

  • Salesforce
  • Box
  • Office365
  • Dropbox for Business
  • Slack
  • Google Drive
  • Service Now - Beta
  • Atlassian Jira - Beta
  • Github - Beta
  • Jive Hosted - Beta

Enable Activity Settings for SSL Terminated Logs

To enable activity settings for SSL terminated logs:

  1. Go to Incidents > User Activity > Activity Settings.
  2. For SSL Terminated Logs, click ON.

Activity Monitoring

It may take up to 36 hours before data becomes available in Incidents > User Activity > Activity Monitoring. Once it does, you can switch between services on the Activity Monitoring page by using the drop-down menu in the Activity from <Service> title. 

Available Activities

To see available activities, go to Incident> User Activity > Available Activities, and from the All Sources menu, select Proxy/SSL Logs

API & Proxy

Create an API connection or set up the MVISION Cloud proxy to monitor activity on services supported by McAfee.

Click Setup to go to the Settings > Service Management page. 

 

  • Was this article helpful?