Skip to main content
McAfee MVISION Cloud

Enterprise Connector 3.8

Enterprise Connector 3.8      

Click here to Download Enterprise Connector 3.8.

Expression Based Event Filtering

In the Enterprise Connector logprocessor.local.properties file, you can drop events based on certain criteria, if processing them with current options and preprocessor rules would end up with false positives. To do this, use the property for custom event filter, called customEventFilter. This property will hold a comma-separated list of boolean MVEL expressions based on which the events can be dropped. An event will be dropped if at least one expression executes to true. For details, see Expression Based Event Filtering

Updated CEF Keywords  

CEF keywords have been updated for MVISION Cloud 3.7 and later. For details, see Exporting Anomalies and Threats to a SIEM.

Known Issues     

For details, see Enterprise Connector Known Issues.

 
  • Was this article helpful?