Submit a ticketCall us
Home > Success Center > Log & Event Manager (LEM) > Integrate McAfee ePolicy Orchestrator (ePO) with SolarWinds LEM

Integrate McAfee ePolicy Orchestrator (ePO) with SolarWinds LEM

Table of contents
Created by Jason Dee, last modified by Machaelle LaRue on Feb 27, 2017

Views: 380 Votes: 0 Revisions: 8

Overview

This article outlines the procedures for configuring McAfee ePolicy Orchestrator (ePO) 4.5 and later to send logs to your LEM appliance using SNMP, and configuring your LEM appliance to accept the logs and process them for storage and monitoring.

Environment

  • All LEM versions
  • McAfee ePolicy Orchestrator (ePO) 4.5 and later
    • V2 SNMP no community string needed

Steps

​To configure ePO to recognize your LEM appliance as an SNMP server and configure an automatic rule to send traps, please refer to the ePO Product Guide ( © 2016 McAfee, Inc., available at http://kc.mcaffee.com/, obtained on June 21, 2016.)

 

To configure your LEM Manager to accept SNMP traps:

  1. Connect to your appliance using a virtual console or SSH client.
  2. Access the CMC prompt:
    • Virtual Console: Arrow down to Advanced Configuration, and then press Enter.
    • SSH Client: Log in using your CMC credentials.
  3. At the cmc> prompt, enter service.
  4. At the cmc::scm# prompt, enter enablesnmp.
  5. Press Enter to confirm your entry.
  6. After you see the message, Done starting the SNMP service, enter exit to return to the cmc> prompt.
  7. Enter exit to log out of your LEM virtual appliance.

 

To configure the ePolicy Orchestrator (ePO) connector on your LEM Manager:

  1. Open your LEM console and log in as an administrator.
  2. Click the Manage menu, and then select Appliances.
  3. Click the gear icon next to your LEM appliance (left), and then select Connectors.
  4. In the Connector Configuration window, enter ePolicy Orchestrator in the search box at the top of the Refine Results pane.
  5. Click the gear icon next to the ePolicy Orchestrator (ePO) 4.5+ connector, and then select New.
  6. Enter a custom Alias or accept the default.
  7. Click Save.
  8. Click the gear icon next to the new connector, denoted by an icon in the Status column, and then click Start.
  9. Click Close to close the Connector Configuration window.

After the connector starts, test your integration using a trusted antivirus test site, such as www.eicar.org.

 

Disclaimer: Please note, any content posted herein is provided as a suggestion or recommendation to you for your internal use. This is not part of the SolarWinds software or documentation that you purchased from SolarWinds, and the information set forth herein may come from third parties. Your organization should internally review and assess to what extent, if any, such custom scripts or recommendations will be incorporated into your environment.  You elect to use third party content at your own risk, and you will be solely responsible for the incorporation of the same, if any.

 

 

Last modified
16:44, 27 Feb 2017

Tags

Classifications

Public