How do I create a query in McAfee ePO?

Table of Contents

1 How do I create a query in McAfee ePO?
2 What is tag in McAfee ePO?
3 How do I create a dashboard in McAfee ESM?
4 What is McAfee agent status monitor?
5 Can you modify or delete the default dashboards and predefined queries included with ePO?
6 How does McAfee ePO work in cortex xsoar?
7 Can you change the sorting criteria in McAfee ePolicy?

How do I create a query in McAfee ePO?

Create custom event queries

Select Menu → Reporting → Queries & Reports, then New Query.
Choose your chart type.
Choose the label or variable that you want the report to display.
Choose the columns that you want to see when you drill down on any of the variables in the report.

What are McAfee ePO services?

The McAfee ePO server is the central software repository for all McAfee product installations, updates, and other content. The modular design of ePolicy Orchestrator allows new products to be added as extensions.

What is tag in McAfee ePO?

Tags allow users to create labels that can be applied to systems manually or automatically, based on the criteria assigned to the tag. Similar to IP address sorting criteria, you can use tags for automated sorting into groups. Tags are used to identify systems with similar characteristics.

Which chart is available in ePO query?

McAfee ePO provides several charts and tables to display the data it retrieves….Chart types.

Type	Chart or Table
Bar	Bar Chart Grouped Bar Chart Stacked Bar Chart
Pie	Boolean Pie Chart Pie Chart
Bubble	Bubble Chart
Summary	Multi-group Summary Table Single Group Summary Table

How do I create a dashboard in McAfee ESM?

Re: How to create a New Dashboard in ESM

Create a new view or edit an existing one.
Drag out the component you would like to display the data (bar/pie/table).
Select Source IPs, click Next.
Click Filters.
Click the Filter Display list icon at the end of the field.
Click the Watchlists tab and select your watchlist.

How do I push McAfee agent from ePO?

Task

Select Menu → Systems → System Tree, then select the groups or systems where you want to deploy McAfee Agent.
Click Actions → Agent → Deploy Agents.
Select the appropriate Agent version drop-down list given the target operating system, and select a version from that list.
Select these options as appropriate:

What is McAfee agent status monitor?

Monitor the McAfee Agent status for information about the collection and transmission of properties on the managed Mac. You can also send events, enforce policies, collect and send properties, and check for new policies and tasks.

What is McAfee Endpoint Security?

McAfee Endpoint Security delivers centrally managed defenses with integrated capabilities like endpoint detection and response and machine learning analysis. Protect your Windows, Mac, and Linux systems with multiple, collaborative defenses and automated responses.

Can you modify or delete the default dashboards and predefined queries included with ePO?

The default dashboards and predefined queries, shipped with McAfee ePO, can’t be modified or deleted. To change them, duplicate, rename, and modify the renamed dashboard or query.

What do you need to know about McAfee ePO?

Click Test to validate the URLs, credentials, and connection. McAfee ePO has a highly flexible and powerful permissions system. The permissions required for the user that uses this integration depend on which operations they need to perform.

How does McAfee ePO work in cortex xsoar?

McAfee ePO Repository Compliance – Ensures that ePO servers are updated to the latest McAfee published AV signatures (DAT file version). Endpoint Enrichment – Generic v2: uses epo-find-systems to enrich an endpoint by hostname. You can execute these commands from the Cortex XSOAR CLI, as part of an automation, or in a playbook.

Are there any custom dashboards in McAfee ePolicy orchestrator?

McAfee ePolicy Orchestrator also includes several predefined dashboards. Dashboards are comprised of multiple queries or other objects. You can also create custom dashboards and queries. By default, there are several active dashboards available for viewing.

Can you change the sorting criteria in McAfee ePolicy?

For a complete understanding of the options, review the Populating System Tree Groups sections of the McAfee ePO Product Guide. This group cannot be deleted or renamed. The sorting criteria cannot be changed from being a catchall group, although you can provide sorting criteria for any subgroups created in it.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.