McAfee SIEM Supported Devices

McAfee SIEM Supported Devices

Updated June 2014

Vendor
A10 Networks
Accellion
Access Layers

Name

Version(s)
Supported

Parser

Method of
Collection

ESM Version

All
All
2.x
All
All
All
All

ASP
ASP
ASP
ASP
ASP
ASP
ASP

Syslog
Syslog
Syslog
Syslog
Syslog
Syslog
Syslog

9.1 and greater


9.1 and greater
9.1 and greater
9.1.1 and greater
9.1 and greater
9.1 and greater
9.2 and greater

All

ASP

Syslog

9.1 and greater

All

ASP

Syslog

9.1 and greater

1.x, 2.x

Code Based

Syslog

9.1 and greater

1.x, 2.x

ASP

Syslog

9.1 and greater

Carbon Black

Spam Firewall (ASP)


Web Application Firewall (ASP)
Web Filter (ASP)
BeyondTrust REM
BeyondTrust Retina
Bit9 Parity Suite - CEF (ASP)
Bit9 Parity Suite (ASP)
Director (ASP)
ProxySG (ASP)
LT Auditor+ for Novell NetWare
Blue Martini
BorderGuard (ASP)
BlueCat DNS/DHCP Server (ASP)
Campus Manager (ASP)
BigIron, FastIron and NetIron (ASP)
IronView Network Manager (ASP)
VDX Switch (ASP)
DataMinder - CEF (ASP)
SiteMinder (ASP)
Carbon Black (ASP)

Load Balancer
Application
NAC
Wireless Access Point
Network Switches & Routers
Application
Switch
Applications / Host / Server /
Operating Systems / Web Content /
Filtering / Proxies
Power Supplies
Applications / Host / Server /
Operating Systems / Web Content /
Filtering / Proxies
Applications / Host / Server /
Operating Systems / Web Content /
Filtering / Proxies
Applications / Host / Server /
Operating Systems / Web Content /
Filtering / Proxies
Network Switches & Routers
Network Switches & Routers
Network Switches & Routers
Network Switches & Routers
IDS/IPS
Event Format
Wireless Access Point
Wireless Access Point
IAM / IDM
Applications / Host / Server /
Operating Systems / Web Content /
Filtering / Proxies
Security Appliances / UTMs
Security Appliances / UTMs
Security Appliances / UTMs
Vulnerability Systems
Vulnerability Systems
Application
Application
Web Content / Filtering / Proxies
Web Content / Filtering / Proxies
Application
Application
Firewall
Application
NAC / Network Switches & Routers
Network Switches & Routers
NAC / Network Switches & Routers
Network Switches & Routers
DLP
Web Access
IDS / IPS

Cerner

Cerner P2 Sentinel

Healthcare Auditing

All

Code Based

Check Point

Check Point (ASP)


Check Point via Splunk (ASP)

Firewall
Firewall

All
All

ASP
ASP

Cimcor

CimTrak Management Console

Configuration Management

All

Code Based

ASA NSEL

Firewall / Flow
Host / Server / Operating Systems /
Network Switches & Routers
Other
Host / Server / Operating Systems /
IDS / IPS
IDS / IPS
Other
IDS / IPS
IDS / IPS / Network Switches &
Routers
Network Switches & Routers
IDS / IPS / Network Switches &
Routers

All

Netflow

Syslog
Syslog
Syslog
N/A
N/A
Syslog
Syslog
Syslog
Syslog
SQL
Syslog
Syslog
Syslog
Syslog
Syslog
Syslog
Syslog
Syslog
Syslog
Syslog
McAfee Event
Format
OPSEC
Syslog
McAfee Event
Format
Netflow

6.x, 7.x

ASP

Syslog

9.1 and greater

All

ASP

Syslog

9.1 and greater

5.x, 6.x

Code Based

SQL

9.1 and greater

All
All
4.x and above

ASP
ASP
SDEE

Syslog
Syslog

9.1 and greater


9.1 and greater
9.1 and greater

12.x and above

ASP

Syslog

9.1 and greater

All
6.x, 7.x
6.x, 7.x
All
All
4.x

SDEE
ASP
ASP
ASP
ASP
Code Based

Syslog
Syslog
Syslog
Syslog
HTTP

9.1 and greater


9.1 and greater
9.1 and greater
9.1 and greater
9.1 and greater
9.1 and greater

4.x, 5.x

ASP

Syslog

9.1 and greater

All

ASP

Syslog

9.1 and greater

Adtran
AirTight Networks
Alcatel-Lucent
American Power Conversion

Load Balancer (ASP)


Secure File Transfer (ASP)
Portnox (ASP)
Bluesocket (ASP)
NetVanta (ASP)
SpectraGuard (ASP)
NGN Switch (ASP)

Device Type

VitalQIP (ASP)
Uninterruptible Power Supply (ASP)
Apache HTTP Server

Apache Software Foundation


Apache Web Server (ASP)
Apple Inc.

Mac OS X (ASP)

Avecto

Peakflow SP
Peakflow SP (ASP)
Peakflow X
Peakflow X (ASP)
Pravail (ASP)
Common Event Format (ASP)
Aruba OS
ClearPass (ASP)
Privilege Guard (ePO)

Axway

SecureTransport (ASP)

Arbor Networks
ArcSight
Aruba

Barracuda Networks
BeyondTrust
Bit9
Blue Coat
Blue Lance, Inc.
Blue Martini Software
Blue Ridge Networks
BlueCat Networks
Bradford Networks
Brocade
CA Technologies

CATOS v7xxx (ASP)


Content Services Switches (ASP)
CSA Console
Guard DDoS Mitigator (ASP)
Identity Services Engine (ASP)
IDS (4.x+ RDEP protocol)
IOS (ASP)
IOS ACL
IOS EAP
IOS Firewall
IOS IDS

Cisco

IOS IPS (SDEE protocol)


IronPort Email Security (ASP)
IronPort Web Security Appliance (ASP)
MDS (ASP)
NAC Appliance (ASP)
NAC Appliance (Clean Access)
NX-OS (ASP)
Open TACACS+ (ASP)

Firewall / Network Switches & Routers


IDS / IPS / Network Switches &
Routers
Application Protocol
Email Security
Web Content / Filtering / Proxies
Network Switches & Routers
NAC / Network Switches & Routers
NAC / Network Switches & Routers
IDS / IPS / Network Switches &
Routers
Authentication

All

ASP

Syslog

9.1 and greater

2.x
2.x and above
2.x
All
All
All
N/A
5.x
3.x

Code Based
ASP
Code Based
ASP
ASP
ASP
Code Based
ASP
ASP

Syslog
Syslog
Syslog
Syslog
Syslog
Syslog
Syslog
Syslog
ePO - SQL

9.1 and greater


9.2 and greater
9.1 and greater
9.1 and greater
9.1 and greater
9.2 and greater
9.1 and greater
9.1 and greater
9.2 and greater

All

ASP

Syslog

9.1 and greater

3.x, 4.x
All
All
All
All
All
All
All
4.x-6.x
9.x
6.5
5000, 6000
All
All
7.5 and above
All
All
All
All
All

ASP
ASP
ASP
N/A
N/A
ASP
ASP
ASP
ASP
Code Based
Code Based
ASP
ASP
ASP
ASP
ASP
ASP
ASP
ASP
ASP

9.1 and greater


9.1 and greater
9.1 and greater
9.1 and greater
9.1 and greater
9.2 and greater
9.1 and greater
9.2 and greater
9.1 and greater
9.1 and greater
9.1 and greater
9.1 and greater
9.1 and greater
9.1 and greater
9.1 and greater
9.1 and greater
9.2 and greater
9.1 and greater
9.1 and greater
9.2 and greater
9.1 and greater
9.3 and greater
9.2 and greater
9.1 and greater
9.1 and greater

12.x and above


12.x and above
12.x and above
12.x and above

Cisco

Vendor

Name
PIX IDS
PIX/ASA/FWSM (ASP)
Secure ACS (ASP)
Unified Communications (ASP)
Unified Computing System (ASP)
VSM/VPN Concentrator
WAAS (ASP)

Citrix
Cluster Labs
Code Green
Cooper Power Systems
Corero
Critical Watch
CyberArk
CyberGuard
Cyberoam
Cyrus
D-Link
Damballa
Dell
DG Technology - InfoSec
Digital Defense
Econet
EdgeWave
Enforcive
Enterasys Networks
Entrust
Extreme Networks
F5 Networks

WAP200 (ASP)
Wireless Control System (ASP)
Wireless Lan Controller (ASP)
NetScaler (AppFlow)
NetScaler (ASP)
Secure Gateway (ASP)
Pacemaker (ASP)
Data Loss Prevention (ASP)
Cybectec RTU (ASP)
Yukon IED Manager Suite (ASP)
Corero IPS (ASP)
Critical Watch FusionVM
Enterprise Password Vault (ASP)
Privileged Identity Management Suite - CEF
(ASP)
CyberGuard
Cyberoam UTM and NGFW
Cyrus IMAP & SASL (ASP)
NetDefend UTM Firewall (ASP)
Failsafe (ASP)
PowerConnect Switches (ASP)
Mainframe Event Acquisition System (ASP)
Digital Defense Frontline
Sentinel IPS (ASP)
iPrism Web Security (ASP)
System z SMF DB2 (ASP)
Dragon Sensor
Dragon Squire
Enterasys N and S Switches (ASP)
Enterasys Network Access Control (ASP)
IdentityGuard (ASP)
ExtremeWare XOS (ASP)
BIG-IP Access Policy Manager (ASP)
BIG-IP Application Security Manager - CEF
(ASP)
Firepass SSL VPN (ASP)
Local Traffic Manager - LTM (ASP)

Device Type
IDS / IPS / Network Switches &
Routers
Firewall / IDS / IPS
IDS / IPS
Applications
Applications / Host / Server /
Operating Systems / Web Content /
Filtering / Proxies
Virtual Private Network
Applications / Host / Server /
Operating Systems / Web Content /
Filtering / Proxies
Wireless Access Point
Network Switches & Routers
Network Switches & Routers
Flow
Web Content / Filtering / Proxies
Web Content / Filtering / Proxies
Application
DLP
Network Switches & Routers
Application
IDS/IPS
Vulnerability Systems
Application
Application

Syslog

9.1 and greater

2.x - 4.x

Code Based

Syslog

9.1 and greater

All

ASP

Syslog

9.1 and greater

All
All
All
All
All
All
1.x
8.x
5.x, 6.x
All
All
All
5.x

ASP
ASP
ASP
IPFix
ASP
ASP
ASP
ASP
ASP
ASP
ASP
N/A
ASP

Syslog
Syslog
Syslog
IPFix
Syslog
Syslog
Syslog
Syslog
Syslog
Syslog
Syslog
N/A
Syslog

9.1 and greater


9.1 and greater
9.1 and greater
9.2 and greater
9.1 and greater
9.2 and greater
9.1 and greater
9.1 and greater
9.1 and greater
9.1 and greater
9.1 and greater
9.1 and greater
9.1 and greater

Web Content / Filtering / Proxies

All

ASP

Syslog

9.2 and greater

Virtual Private Network


Web Content / Filtering / Proxies

All
All

ASP
ASP

9.1 and greater


9.1 and greater

2.9.x

Code Based

All

ASP

Syslog
Syslog
McAfee Event
Format
Syslog

Antivirus/Malware

5.x and above

ASP

Syslog

9.1 and greater

Network Switches & Routers


Network Switches & Routers
Network Switches & Routers
Network Switches & Routers
Antivirus
Firewall
IDS / IPS
Firewall
Firewall
Firewall
Firewall
Authentication
Other
Other
Other
Other

8.x
All
5.x and 6.x
7.x and above
All
3.x
All
All
All
All
All
All
All
N/A
N/A
N/A

ASP
ASP
ASP
ASP
Code Based
Code Based
Code Based
ASP
ASP
ASP
ASP
ASP
ASP
Code Based
Code Based
Code Based

9.1 and greater


9.1 and greater
9.1 and greater
9.1 and greater
9.1 and greater
9.1 and greater
9.1 and greater
9.1 and greater
9.1 and greater
9.1 and greater
9.1 and greater
9.1 and greater
9.1 and greater
9.2 and greater
9.2 and greater
9.2 and greater

N/A

Code Based

N/A
N/A
N/A
All
All
5.3.x
All
All
All
All
All
1.x
All
5.1.1-0
All
8.x, 9.x, 10.x
6.x, 7.x
11.5
5.5 - 7.x
All
All
All
All

Code Based
Code Based
Code Based
Code Based
ASP
ASP
ASP
ASP
ASP
ASP
ASP
ASP
ASP

Syslog
Syslog
Syslog
Syslog
Syslog
Syslog
Syslog
Syslog
Syslog
Syslog
Syslog
Syslog
Syslog
File pull
File pull
File pull
McAfee Event
Format
File pull
File pull
File pull
File pull
Syslog
Syslog
Syslog
Syslog
Syslog
Syslog
Syslog
Syslog
Syslog

ASP

Syslog

Other
Other
Other
VA Scanner
Switches & Routers
Firewall
Application
Application
UTM
Switches & Routers
Printers
Operating Systems
Network Switches & Routers
Database
NAC
Database
Database Activity Monitoring
Database
Host / Server / Operating Systems
Security Management
MainFrame
Other
Database

IBM

ASP

9.1 and greater


9.2 and greater
9.1 and greater
9.2 and greater
9.1.1 and greater
9.1 and greater
9.1 and greater
9.1.4 and greater
9.2 and greater
9.1 and greater
9.1 and greater
9.1 and greater
9.1 and greater
9.1 and greater
9.1 and greater
9.1 and greater
9.1 and greater
9.1 and greater

Other

HyTrust

All

9.1 and greater

NFS File Source


SCP File Source
SFTP File Source
GFI LanGuard
GigaVUE (ASP)
GNAT Box (ASP)
Good Mobile Control (ASP)
Search Appliance (ASP)
Active Defense (ASP)
3Com Switches (ASP)
LaserJet Printers (ASP)
OpenVMS (ASP)
ProCurve (ASP)
Vertica
HyTrust Appliance (ASP)
DB2
Guardium (ASP)
Informix
ISS Real Secure Server Sensor
ISS SiteProtector
MainFrame
Proventia GX (ASP)
System Z DB2

Hewlett-Packard

9.1 and greater


9.1 and greater
9.2 and greater

Syslog
Syslog
Syslog
Syslog
Syslog
Syslog
Syslog
N/A
Syslog
Syslog
Syslog
SQL
SQL
Syslog
Syslog
Syslog
Syslog
Syslog

McAfee Event Format

GFI
Gigamon
Global Technology Associates
Good Technology
Google
HBGary

Syslog
Syslog
Syslog

Syslog

Network Security Appliance

Generic

ASP
ASP
ASP

ASP

Application Security

FreeRADIUS

5.x and above


3.x, 4.x
All

12.x and above

Code Based
ASP
ASP
ASP
ASP
ASP
ASP
N/A
ASP
ASP
ASP
Code Based
Code Based
ASP
ASP
ASP
ASP
ASP

Fidelis XPS (ASP)


FireEye Malware Protection System - CEF
(ASP)
AirMagnet Enterprise (ASP)
FTOS (ASP)
CounterACT (ASP)
CounterACT CEF (ASP)
FortiGate Antivirus
FortiGate Firewall
FortiGate IDS
FortiGate UTM - Comma Delimited - (ASP)
FortiGate UTM - Space Delimited - (ASP)
FortiManager (ASP)
FortiWeb Web Application Firewall (ASP)
FreeRADIUS (ASP)
Advanced Syslog Parser
CIFS/SMB File Source
FTP/FTPS File Source
HTTP/HTTPS File Source

Fortinet

ESM Version

All

Patient Privacy Monitoring

ForeScout

Method of
Collection

5.x
10.0 and above
2.x
All
All
All
5.x, 6.x
All
All
All
All
1.x-7.x
1.x-7.x
7.x
7.x
All
7.x, 8.x
All

Fidelis
Fluke Networks
Force10 Networks

Parser

Firewall
UTM / Firewall
Messaging
UTM
Anti-Malware
Network Switches & Routers
MainFrame
Vulnerability Systems
IDS/IPS
Web Content / Filtering / Proxies
MainFrame
IDS/IPS
IDS/IPS
Network Switches & Routers
Network Switches & Routers
Application
Network Switches & Routers
Network Switches & Routers

FairWarning
FireEye

Version(s)
Supported

9.1 and greater


9.1 and greater

9.2 and greater

ASP

Syslog

Code Based
Code Based

SQL
SQL

9.2 and greater


9.2 and greater
9.2 and greater
9.1 and greater
9.1.1 and greater
9.1 and greater
9.2 and greater
9.2 and greater
9.1 and greater
9.1 and greater
9.1 and greater
9.1 and greater
9.1 and greater
9.1 and greater
9.2 and greater
9.1 and greater
9.2 and greater
9.1 and greater
9.1 to 9.3.2
9.1 and greater

ASP

Syslog

9.1 and greater

IBM

Vendor

Imperva
Infoblox
InfoExpress
InterSect Alliance
InterSystems
Invincea
IPFIX
Ipswitch
Itron
Jflow

Juniper Networks

Kaspersky
KEMP Technologies
Kerio Technologies
Lancope
Legacy
Lieberman
Locum
LOGbinder
Lumension
MailGate, Ltd.

McAfee

MEDITECH

Name

Device Type

Version(s)
Supported

Host / Server / Operating Systems /


Tivoli Endpoint Manager - BigFix (ASP)
All
Other
Tivoli Identity Manager - SQL Pull (ASP)
IAM / IDM
All
z/OS, z/VM
MainFrame
WAF/DAM - CEF (ASP)
Database
All
NIOS (ASP)
Application
All
CyberGatekeeper LAN
Network Switches & Routers
All
Snare for AIX (ASP)
Other
All
Snare for Solaris (ASP)
Other
All
Snare for Windows (ASP)
Other
All
InterSystems Cache
Database
2011.1.x
Host / Server / Operating Systems /
Enterprise - CEF (ASP)
All
Other
IPFIX
Network Flow Collection
All
WS_FTP (ASP)
Application
All
Itron Enterprise Edition (ASP)
Smart Grid Application
All
Jflow (Generic)
Network Flow Collection
5, 7, 9
Juniper Secure Access/MAG (ASP)
VPN
All
JUNOS - Structured-Data Format (ASP)
Network Switches & Routers
All
JUNOS Router (ASP)
Network Switches & Routers
All
NetScreen / IDP (ASP)
Network Switches & Routers
All
NetScreen Firewall
Firewall
4.x, 5.x
NetScreen IDP
IDS / IPS
3.x, 4.x
NetScreen SSL VPN Secure Access
VPN
5.x - 7.x
Applications / Host / Server /
Network and Security Manager - NSM (ASP)
All
Operating Systems
Secure Access version 7 (ASP)
VPN
5.x-7.x
Steel Belted Radius (ASP)
Radius Server
5.x and above
Administration Kit - SQL Pull (ASP)
Antivirus
All
LoadMaster (ASP)
Network Switches & Routers
4.x, 5.x
Kerio Control (ASP)
Firewall
All
IDS / IPS / Network Switches &
StealthWatch
4.x-5.6
Routers
IDS / IPS / Network Switches &
StealthWatch (ASP)
6.x and above
Routers
Event Center (ASP)
Other
All
Informant (ASP)
IDS / IPS
All
Enterprise Random Password Manager
Application
All
(ASP)
RealTime Monitor (ASP)
Application
All
LOGbinder (ASP)
Application
All
Bouncer - CEF (ASP)
Application
5.x and above
Bouncer (ASP)
Application
4.x
Lumension
Vulnerability Systems
All
Applications / Security Management /
MailGate Server (ASP)
3.5
Host / Server / Operating Systems
AntiSpyware (ePO)
Antivirus
All
Application and Change Control (ePO)
Web Content / Filtering / Proxies
All
Asset Manager Sensor (ASP)
Asset Management
All
Correlation Engine
Other
All
Database Security - CEF (ASP)
Database
All
Database Security (ePO)
Database
All
Deep Defender (ePO)
Other
All
Email and Web Security - CEF (ASP)
Web Content / Filtering / Proxies
6.x and above
Email and Web Security v5 (ASP)
Web Content / Filtering / Proxies
5.x
Email Gateway (ASP)
Web Content / Filtering / Proxies
All
Endpoint Encryption (ePO)
Application
All
ePO Audit Log (ePO)
Other
All
ePolicy Orchestrator (ASP)
Other
All
Applications / Security Management /
ePolicy Orchestrator Agent (ePO)
3.x and above
Host / Server / Operating Systems
Firewall Enterprise (ASP)
Firewall / IDS / IPS
8.x
Host Data Loss Prevention (ePO)
DLP
All
Host Intrusion Prevention (ePO)
IDS / IPS
6.x and above
Informant (ASP)
IDS / IPS
All
McAfee Advanced Correlation Engine
Correlation
All
McAfee Application Data Monitor
Application
All
McAfee Database Event Monitor for SIEM
Database
All
McAfee Enterprise Log Manager
McAfee Enterprise Security Manager
McAfee Event Receiver
McAfee Event Receiver/ELM
McAfee Security for Domino Windows
Web Content / Filtering / Proxies
All
(ePO)
McAfee Security for Microsoft Exchange
Web Content / Filtering / Proxies
All
(ePO)
McAfee Vulnerability Manager
Vulnerability Systems
All
MOVE AntiVirus (ePO)
Antivirus
All
Network Access Control (ePO)
Other
All
Network DLP Monitor (ASP)
DLP
All
Network Security Manager - SQL Pull (ASP) IDS / IPS
6.x and above
Network Security Manager (ASP)
IDS / IPS
6.x and above
Network Threat Response (ASP)
IDS / IPS
4.0.0.5 and above
Next Generation Firewall - Stonesoft (ASP) IDS / IPS
All
Nitro IPS
IDS / IPS
All
Policy Auditor (ePO)
Policy Server
All
SaaS Web Protection (ASP)
Web Content / Filtering / Proxies
All
SiteAdvisor (ePO)
Other
All
UTM Firewall (ASP)
Firewall
All
VirusScan (ePO)
Antivirus
All
Web Gateway (ASP)
Web Content / Filtering / Proxies
All
WebShield (ASP)
Web Content / Filtering / Proxies
All
Caretaker (ASP)
HealthCare Application
All
Applications / Host / Server /
ACS - SQL Pull (ASP)
All
Operating Systems

Parser

Method of
Collection

ESM Version

ASP

Syslog

9.1 and greater

ASP

SQL

9.2 and greater

ASP
ASP
Code Based
ASP
ASP
ASP

Syslog
Syslog
Syslog
Syslog
Syslog
Syslog

9.2 and greater


9.1 and greater
9.1 and greater
9.1 and greater
9.1 and greater
9.1 and greater
9.1 and greater

ASP

Syslog

9.1 and greater

IPFix
ASP
ASP
Netflow
ASP
ASP
ASP
ASP
Code Based
Code Based
Code Based

IPFix
Syslog
Syslog
Syslog
Syslog
Syslog
Syslog
Syslog
Syslog
Syslog

9.1 and greater


9.1 and greater
9.1 and greater
9.1 and greater
9.1 and greater
9.1 and greater
9.1 and greater
9.1 and greater
9.1 and greater
9.1 and greater
9.1 and greater

ASP

Syslog

9.1 and greater

ASP
ASP
ASP
ASP
ASP

Syslog
Syslog
SQL
Syslog
Syslog

9.1 and greater


9.1 and greater
9.2.1 and greater
9.1 and greater
9.3.2 and greater

Code Based

Syslog

9.1 and greater

ASP

Syslog

9.1 and greater

ASP
ASP

Syslog
Syslog

9.1 and greater


9.3 and greater

ASP

Syslog

9.1.1 and greater

ASP
ASP
ASP
ASP
N/A

Syslog
Syslog
Syslog
Syslog
N/A

9.1 and greater


9.2 and greater
9.2 and greater
9.1 and greater
9.1 and greater

ASP

Syslog

9.1 and greater

ASP
ASP
ASP
Correlation
ASP
ASP
ASP
ASP
ASP
ASP
ASP
ASP
ASP

ePO - SQL
ePO - SQL
Syslog
Syslog
ePO - SQL
ePO - SQL
Syslog
Syslog
Syslog
ePO - SQL
ePO - SQL
ePO - SQL

9.2 and greater


9.2 and greater
9.1.1 and greater
9.1 and greater
9.2 and greater
9.2 and greater
9.2 and greater
9.2 and greater
9.1 and greater
9.1 and greater
9.3.2 and greater
9.2 and greater
9.2 and greater

ASP

ePO - SQL

9.2 and greater

ASP
ASP
ASP
ASP

Syslog
ePO - SQL
ePO - SQL
Syslog

9.2 and greater


9.2 and greater
9.2 and greater
9.3 and greater
9.1 and greater
9.1 and greater
9.1 and greater

ASP

ePO - SQL

9.2 and greater

ASP

ePO - SQL

9.2 and greater

N/A
ASP
ASP
ASP
ASP
ASP
ASP
ASP
ASP
ASP
ASP
ASP
ASP
ASP
ASP
ASP
ASP

N/A
ePO - SQL
ePO - SQL
Syslog
SQL
Syslog
Code Based API
Syslog
Syslog
ePO - SQL
Syslog
ePO - SQL
Syslog
ePO - SQL
Syslog
Syslog
Syslog

9.1.2 and greater


9.3.2 and greater
9.2 and greater
9.1 and greater
9.1.2 and greater
9.1 and greater
9.3 and greater
9.1 and greater
9.1 and greater
9.2 and greater
9.1 and greater
9.2 and greater
9.1 and greater
9.2 and greater
9.1 and greater
9.1 and greater
9.1 and greater

ASP

SQL

9.1.3 and greater

Code Based
Code Based

Vendor

Name
Adiscon Windows Events
Assets via Active Directory

9.1 and greater


9.3 and greater

2010

ASP

Syslog

9.1.1 and greater

Web Content/Filtering/Proxies

2003, 2008

ASP

Syslog

9.1 and greater

2003, 2008

ASP

Syslog

9.1 and greater

All

Code Based

Syslog

9.1 and greater

All

ASP

All

ASP

Microsoft Active Directory


Microsoft Exchange Server
Microsoft SQL Server

Web Content/Filtering/Proxies
Host / Server / Operating Systems /
Web Content / Filtering / Proxies
Host / Server / Operating Systems /
Web Content / Filtering / Proxies
Host / Server / Operating Systems /
Web Content / Filtering / Proxies
Firewall / Host / Server / Operating
Systems / Web Content / Filtering /
Proxies / Virtual Private Networks
Other
Other
Database

MSSQL

Database

MSSQL Error Log (ASP)

Internet Security and Acceleration (ASP)

2008

WMI

2007, 2010

ASP

2010

HIPS
IDS / IPS
IDS / IPS

9.1 and greater

9.1 and greater


9.1 and greater

ASP

Syslog

9.1 and greater

WMI
WMI
WMI

WMI
WMI
WMI

9.1 and greater


9.1 and greater
9.1 and greater

Database

All
2007, 2010
All
7, 2000, 2005, 2008,
2012
All

ASP

9.2 and greater

MSSQL Server C2 Audit

Database

2000, 2005, 2008

Code Based

Network Policy Server (ASP)


Operations Manager
PhoneFactor (ASP)
SharePoint (ASP)

Policy Server
Host / Server / Operating Systems
Application
Host / Server / File Management

All
All
All
2007, 2010

ASP
Code Based
ASP
ASP

System Center Operations Manager

Security Management

2007

Code Based

Windows DHCP (ASP)

Debug DHCP Logs

2003, 2008

ASP

Windows DNS (ASP)

Debug DNS Logs

2003, 2008

ASP

Syslog
MEF - McAfee
SIEM Agent
Syslog
SQL
Syslog
Syslog
MEF - McAfee
SIEM Agent
File pull / McAfee
SIEM Agent
File pull / McAfee
SIEM Agent

Windows Event Log - CEF (ASP)

Applications / Host / Server /


Operating Systems

All

ASP

Syslog

9.2 and greater

Windows Event Log - WMI

Applications / Host / Server /


Operating Systems

XP, Server 2003,


Server 2008, Server
2012, Windows 7
and Windows 8

WMI

WMI

9.1 and greater

2.3.1
All
All
7.x
All
All
5, 7, 9

Code Based
ASP
Code Based
ASP
ASP

Syslog
Syslog
Syslog
Syslog
Syslog

NetFlow

NetFlow

9.1 and greater


9.1 and greater
9.1 and greater
9.1 and greater
9.1 and greater
9.1 and greater
9.1 and greater

All

ASP

Syslog

9.1 and greater

5.1

ASP

Syslog

9.1 and greater

All

ASP

Syslog

9.1 and greater

All
All
All
All
All
7.x
7.x
8.x

ASP
ASP
N/A
ASP
Code Based
Code Based
ASP
ASP

Syslog
Syslog
N/A
Syslog
Syslog
Syslog
Syslog
Syslog

9.1 and greater


9.2 and greater
9.1 and greater
9.1 and greater
9.1 and greater
9.1 and greater
9.1 and greater
9.1 and greater

All

ASP

Syslog

9.2 and greater

All

ASP

Syslog

9.1 and greater

All
All
2.1 and above

N/A
N/A
ASP
ASP

N/A
N/A
Syslog
SQL

9.1 and greater


9.1 and greater
9.1 and greater
9.3.2 and above

Security Manager (ASP)


NetIQ
Sentinel Log Manager (ASP)
Informer - CEF (ASP)
Spectrum - CEF (ASP)
NGS SQuirreL
NetDetector (ASP)
IPSO
Contivity VPN
Passport 8000 Series Switches (ASP)
VPN Gateway 3050 (ASP)
eDirectory (ASP)
Identity and Access Management - IAM
(ASP)
CPX Flow & Packet Capture
OpenVAS
OpenVPN (ASP)
Identity Manager - SQL Pull (ASP)

NAC / Network Switches & Routers


Wireless Switch
Wireless Switch
Storage
Storage Switch
Storage
Flow
Applications / Security Management /
Host / Server / Operating Systems
Network Switches & Routers /
Security Management
Network Switches & Routers /
Security Management
Application
Malware
Vulnerability Systems
Other
Firewall
Network Switches & Routers
Network Switches & Routers
Virtual Private Network
Applications / Security Management /
Host / Server / Operating Systems
IAM / IDM
Packet Capture
Vulnerability Systems
VPN
IAM / IDM

MySQL

Database

Oracle

Database

Oracle Audit - SQL Pull (ASP)


Oracle Audit (ASP)
Solaris Basic Security Module - BSM (ASP)
WebLogic (ASP)
Osiris

Host Integrity Monitor (ASP)

Palo Alto Networks


Pivotal
Postfix

Palo Alto Firewalls (ASP)


Greenplum
Postfix (ASP)

Database
Database
Host / Server / Operating Systems
Other
Host / Server / Operating Systems /
IDS / IPS
Firewall
Database
Application

PostgreSQL

Database

PostgreSQL (ASP)

Database

PostgreSQL

File pull / McAfee


SIEM Agent
File pull / McAfee
SIEM Agent

9.1 and greater

All

LANGuardian (ASP)

Oracle

9.1 and greater

SQL

NetFort Technologies

nPulse
OpenVAS
OpenVPN

9.1 and greater

SQL

NetFlow

Novell

Syslog

ASP

CounterPoint
AirDefense (ASP)
AirDefense Enterprise
Data ONTAP (ASP)
DataFort (ASP)
FAS
Generic NetFlow

Nortel Networks

Code Based

All

ASP

Internet Information Services (ASP)

NGS
Niksun
Nokia

All

2010

Internet Information Services - FTP (ASP)

NetWitness

ESM Version

2010

Internet Information Services

NetApp

Method of
Collection

9.1.1 and greater

Forefront Client Security (ASP)


Forefront Endpoint Protection - SQL Pull
(ASP)
Forefront Threat Management Gateway SQL Pull (ASP)
Forefront Unified Access Gateway (ASP)
Internet Authentication Service - Formatted
(ASP)
Internet Authentication Service - XML (ASP)

Motorola

Parser

ASP

Exchange (ASP)

Mirage Networks

Applications / Host / Server /


Operating Systems
Asset
Applications / Host / Server /
Operating Systems
Applications / Host / Server /
Operating Systems
HIPS

Version(s)
Supported

MEF - McAfee
SIEM Agent
File pull / McAfee
SIEM Agent
SQL

Event Forwarding

Microsoft

Device Type

(32 bit, Windows)


4.x, 5.x, 6.x
8.x, 9.x, 10g, 11g,
11g R2
10g, 11g
All
9.x, 10.x
8.1.x
All
8.2.15
All
7.4.x, 8.4.x, 9.0.x,
9.1.x
All

9.1 and greater


9.1 and greater
9.1 and greater
9.1 and greater
9.1 and greater
9.1 and greater
9.1 and greater
9.1 and greater
9.1 and greater

9.1 and greater


9.1 and greater
ASP
ASP
ASP
ASP

SQL
Syslog
Syslog
Syslog

9.2.1 and greater


9.2.1 and greater
9.1 and greater
9.1 and greater

ASP

Syslog

9.1 and greater

ASP

Syslog

ASP

Syslog

9.1 and greater


9.1 and greater
9.1 and greater

ASP

Syslog

9.1 and greater


9.1 and greater

Vendor
PowerTech
Proofpoint
Qualys
Quest

Name

Version(s)
Supported

Method of
Collection

ESM Version

ASP
ASP
N/A
WMI
ASP
ASP
Code Based
ASP
ASP
N/A
N/A
ASP
ASP
ASP
ASP
ASP
ASP
N/A
ABAP Module &
ASP

Syslog
Syslog
N/A
WMI
Syslog
Syslog
Syslog
Syslog
Syslog
N/A
N/A
Syslog
Syslog
Syslog
Syslog
Syslog
Syslog
N/A

9.2 and greater


9.1 and greater
9.1 and greater
9.1 and greater
9.1 and greater
9.2 and greater
9.1 and greater
9.1 and greater
9.1 and greater
9.1 and greater
9.1 and greater
9.1 and greater
9.2 and greater
9.1 and greater
9.1 and greater
9.1 and greater
9.1 and greater
9.1 and greater

Syslog

9.1 and greater

11.x, 12.x, 15.x


3.x

ASP

Syslog

9.1 and greater


9.2 and greater

All

ASP

Syslog

9.1 and greater

5.x

ASP

Syslog
McAfee Event
Format

9.1 and greater

9.2 and greater


9.1 and greater

Savant Protection

Sybase
Savant - CEF (ASP)

Secure Crossing

Zenwall (ASP)

SecureAuth

IEP - Single Sign On (ASP)

Securonix

Risk and Threat Intelligence

Application

SendMail
Sentrigo
sFlow

Sentrion
Hedgehog - CEF (ASP)
Generic sFlow

Messaging
Database
Network Flow Collection

All
All
All

ASP
sFlow

Silver Spring Networks

Network Infrastructure (ASP)

Smart Grid

All

ASP

SnapLogic

SnapLogic (ASP)
DB2 Access Recording Services DBARS
(ASP)
Aventail (ASP)
SonicOS (ASP)
SonicWall Firewall/VPN
SonicWall IPS
GSX (ASP)
Email Security and Data Protection (ASP)
Sophos Antivirus
Web Security and Control (ASP)
3D Defense Center
Snort NIDS
FireSIGHT Management Console eStreamer
SourceFire NS/RNA (ASP)
Squid
Squid (ASP)

Cloud Integration

All

ASP

Syslog
sFlow
File pull / McAfee
SIEM Agent
Syslog

Database

All

ASP

Syslog

9.1 and greater

Virtual Private Network


Firewall
Firewall
IDS / IPS
VOIP
Email Security
Antivirus
Web Content / Filtering / Proxies
IDS / IPS
IDS / IPS

10.x
All
All
All
All
All
All
All
4.10
All

ASP
ASP
Code Based
Code Based
ASP
ASP
Code Based
ASP

Syslog
Syslog
Syslog
Syslog
Syslog
Syslog
SQL
Syslog

9.1 and greater


9.1 and greater
9.1 and greater
9.1 and greater
9.1 and greater
9.1 and greater
9.1 and greater
9.1 and greater

IDS / IPS

5.x.x

Code Based

eStreamer

9.1.1 and greater

All
1.x
2.5

ASP
Code Based
ASP

Syslog
Syslog
Syslog

9.1 and greater


9.1 and greater
9.1 and greater

5.x, 6.x

ASP

Syslog

9.1 and greater

Code Based

Syslog

Code Based
Code Based
Code Based
ASP
ASP
ASP
ASP
ASP
ASP
N/A

SQL
SQL
Syslog
Syslog
Syslog
Syslog
Syslog
Syslog
Syslog
N/A

ASP
Code Based
ASP
ASP
ASP
ASP
ASP
Code Based
ASP
ASP
ASP
ASP
ASP
ASP
ASP
N/A
ASP
Code Based
ASP
ASP
ASP
ASP
Code Based
ASP

Syslog
Syslog
Syslog
Syslog
Syslog
Syslog
Syslog
SQL
SQL
Syslog
Syslog
Syslog
Syslog
Syslog
Syslog
N/A
Syslog
Syslog
Syslog
Syslog
Syslog
Syslog
Syslog
Syslog

9.1 and greater


9.2 and greater
9.1 and greater
9.1 and greater
9.1 and greater
9.1 and greater
9.1 and greater
9.1 and greater
9.1 and greater
9.1 and greater
9.2 and greater
9.1 and greater
9.1 and greater
9.1 and greater
9.1 and greater
9.1 and greater
9.1 and greater
9.2 and greater
9.2 and greater
9.2 and greater
9.1 and greater
9.1.3 and greater
9.2 and greater
9.1 and greater
9.1 and greater
9.1 and greater
9.2 and greater
9.1 and greater
9.1 and greater
9.1 and greater
9.1 and greater
9.1 and greater
9.2 and greater
9.1 and greater
9.2 and greater
9.1 and greater
9.1 and greater

Code Based

Syslog

9.1 and greater

ASP
ASP

Syslog
Syslog

9.1 and greater


9.2 and greater

Rapid7
Raytheon
Raz-Lee Security
RedSeal Networks
Riverbed
RSA
SafeNet
Saint
SAP

Software Product Research


SonicWall
Sonus
Sophos

SourceFire

SAP Version 5 (ASP)

StillSecure

Strata Guard (ASP)

Stonesoft Corporation
Sun

Next Generation Firewall (ASP)


iPlanet
Altiris Management Console
Antivirus Corporate Edition Server
Critical System Protection
Endpoint Protection
Endpoint Protection (ASP)
PGP Universal Server (ASP)
Symantec Data Loss Prevention (ASP)
Symantec Messaging Gateway (ASP)
Symantec Web Gateway (ASP)
DiskStation Manager (ASP)
Tenable Nessus
Teradata
SMS (ASP)
TippingPoint
UnityOne (ASP)
Tofino Firewall LSM (ASP)
Skoot (ASP)
AS/400 - CEF (ASP)
Trust Control Suite (ASP)
Control Manager
Control Manager - SQL Pull (ASP)
Deep Discovery - CEF (ASP)
Deep Security - CEF (ASP)
Deep Security Manager - CEF (ASP)
InterScan Web Security Suite (ASP)
OfficeScan (ASP)
OSSEC (ASP)
Tripwire / nCircle IP360
Tripwire Enterprise (ASP)
Tripwire For Server
Network Access Control (ASP)
Vericept - CEF (ASP)
WebDefend (ASP)
SecureTrack (ASP)
SMA_RT
Linux (ASP)

IDS / IPS
Web Content / Filtering / Proxies
Web Content / Filtering / Proxies
Firewall / Security Management / IDS
/ IPS / Virtual Private Networks
IDS / IPS
Web Server
Asset
Antivirus
IDS / IPS
Antivirus
Antivirus
Host / Server / Operating Systems
DLP
Messaging
Web Content / Filtering / Proxies
Application
Vulnerability Systems
Database
Security Management
Security Management
IDS / IPS
Firewall
Application
Host / Server / Operating Systems
Application
Antivirus / Vulnerability Systems
Antivirus / Vulnerability Systems
Antivirus / Vulnerability Systems
HIDS
HIDS
Web Content / Filtering / Proxies
Antivirus / Vulnerability Systems
FIM / HIDS
Vulnerability Systems
Database / Security Management
Database / Security Management
NAC
DLP
Web Content / Filtering / Proxies
Firewall / Auditing
Host / Server / Operating Systems
Host / Server / Operating Systems

UNIX OS

Host / Server / Operating Systems

VShell (ASP)
Digital Guardian (ASP)

Application
DLP

Squid

Symantec

Synology
Tenable
Teradata
TippingPoint
Tofino Security
Topia Technology
Townsend Security
Trapezoid

Trend Micro

Tripwire
Trustwave
Tufin
Type80 Security Software
UNIX
VanDyke Software
Verdasys

All
All
All
All
All
All
2.4.3 and above
2.4.3 and above
All
3.x and above
All
All
All
All
5.x
7.x
All
All

Parser

Host
Application
Vulnerability Systems
Applications
Network Switches & Routers
Firewall
IDS / IPS
IDS / IPS
Network Switches & Routers
Vulnerability Systems
Vulnerability Systems
Application
Application
Risk Compliance
Security Appliances / UTMs
Authentication
Application Security
Vulnerability Systems
Applications / Security Management /
Host / Server / Operating Systems
Database
Anti-Malware
Applications / Security Management /
Host / Server / Operating Systems
Authentication

Radware

Interact - CEF (ASP)


Messaging Security Gateway (ASP)
Qualys QualysGuard
ChangeAuditor for Active Directory
AppDirector (ASP)
AppWall (ASP)
DefensePro
DefensePro (ASP)
LinkProof/FireProof (ASP)
Rapid7 Metasploit Pro
Rapid7 Nexpose
SureView (ASP)
iSecurity Suite (ASP)
RedSeal 6 (ASP)
Steelhead (ASP)
Authentication Manager (ASP)
Hardware Security Modules (ASP)
Saint

Device Type

5.x and 6.x

Code Based

All
All
7.x and above
8.x, 9.x
5.2
11.x
11.x
All
All
2.x and above
All
All
3.x, 4.x, 5.x, 6.x
12.x, 13.x, 14.x
2.x and above
1.x, 2.x
All
All
All
All
All
3.x, 5.x, 6.x
5.x
All
6.x and above
6.x and above
All
All
1.x, 2.x
All
4.x
4.x
3.x
8.x
4.x
All
All
All
Solaris, Red Hat
Linux, HP-UX, IBM
AIX and SUSE
2.x, 3.x
All

9.1 and greater

9.1 and greater


9.2 and greater

Vendor
VMware
Vormetric
WatchGuard Technologies
Wave Systems Corp
Websense
Xirrus
Zenprise
ZeroFOX

2821 Mission College Boulevard


Santa Clara, CA 95054
888 847 8766
www.mcafee.com

Name
vCenter Server (ASP)
VMware (ASP)
Data Security (ASP)
Firebox and X Series (ASP)
Safend Protector (ASP)
Websense - CEF, Key Value Pair (ASP)
Websense Enterprise - SQL Pull (ASP)
802.11abgn Wi-Fi Arrays (ASP)
Secure Mobile Gateway (ASP)
ZeroFOX (ASP)

Device Type
Application
Application
Application
Firewall
DLP
Web Content / Filtering / Proxies
Web Content / Filtering / Proxies
Switches & Routers
Security Mobile Gateway
Application

Version(s)
Supported

Parser

Method of
Collection

ESM Version

All
1.x-5.x
4.x
8.x-11.x
All
7.7 and above
6.x
All
5.x and above
All

ASP
ASP
ASP
ASP
ASP
ASP
ASP
ASP
ASP
ASP

Code Based API


Syslog
Syslog
Syslog
Syslog
Syslog
SQL
Syslog
Syslog
Syslog

9.3.2 and above


9.1 and greater
9.1 and greater
9.1 and greater
9.2 and greater
9.2 and greater
9.2.2 and greater
9.1 and greater
9.1 and greater
9.2 and greater

McAfee and the McAfee logo are registered trademarks or trademarks of McAfee, Inc. or its subsidiaries in the United States and other countries. Other marks and
brands may be claimed as the property of others. The product plans, specifications and descriptions herein are provided for information only and subject to change
without notice, and are provided without warranty of any kind, express or implied. Copyright 2014 McAfee, Inc.
