Device Details

Vendor

McAfee

Device Type

EndPoint Security

Supported Model Name/Number

Cloud Proxy (Endpoints (managed), Standalone computers (unmanaged))

Supported Software Version(s)

N/A

Collection Method

Flat File

Configurable Log Output?

No

Log Source Type

Flat File - McAfee Proxy Cloud

Log Processing Policy

LogRhythm Default

Exceptions

N/A

Additional Information

https://docs.mcafee.com/search?page=5&field-1=All%20Products&q=McAfee%20Cloud%20&sort=score&rpp=10

Prerequisites

  • The sequence of keys in the log should be in the given format: "user_id", "username", "source_ip", "http_action", "server_to_client_bytes", "client_to_server_bytes", "requested_host", "requested_path", "result", "virus", "request_timestamp_epoch", "request_timestamp", "uri_scheme", "category", "media_type", "application_type", "reputation".

Currently Supported Log Types

Type

Product Version

Supported Schema Fields

McAfee Cloud Proxy User Information Messages

ALL

<domain>, <login>, <vendorinfo>, <sip>, <command>, <bytesin>, <bytesout>, <url>, <object>, <result>, <threatname>, <session>, <protname>, <objectname>, <objecttype>, <useragent>, <status>

Parsed Metadata Fields

Device Field Name

LogRhythm Metadata Field

Value/Data Type

User_id

Domain

Text/String

Username

Login

Text/String

Vendorinfo

Vendorinfo

String

Source_ip

Sip

Ip Address

Http_action

Command

String

Server_to_client_bytes

Bytesin

Number

Client_to_server_bytes

Bytesout

Number

Requested_host

Url

Text/String/Ip address

Requested_path

Object

Text/String/Ip address

Result

Result

Text/String

Virus

Threatname

Text/String

Request_timestamp_epoch

Session

Text/String

Uri_scheme

Protname

Text/String

Category

Objectname

Text/String

Media_Type

Objecttype

Text/String

Application_type

Useragent

Text/String

Reputation

Status

Text
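
A pre-ingestion check for the key sequence in the Prerequisites, followed by the mapping from the Parsed Metadata Fields table, as an added example (not LogRhythm or McAfee code). It assumes the flat file is comma-separated with a header row of quoted key names, which this page does not specify; the function names and the sample record are constructed for illustration.

```python
import csv
import io

# Key order required by the Prerequisites section of this page.
EXPECTED_KEYS = [
    "user_id", "username", "source_ip", "http_action",
    "server_to_client_bytes", "client_to_server_bytes", "requested_host",
    "requested_path", "result", "virus", "request_timestamp_epoch",
    "request_timestamp", "uri_scheme", "category", "media_type",
    "application_type", "reputation",
]
# Device key -> metadata field (names as in the Supported Schema Fields list).
# request_timestamp has no row in the table, so it is left unmapped.
FIELD_MAP = {
    "user_id": "domain", "username": "login", "source_ip": "sip",
    "http_action": "command", "server_to_client_bytes": "bytesin",
    "client_to_server_bytes": "bytesout", "requested_host": "url",
    "requested_path": "object", "result": "result", "virus": "threatname",
    "request_timestamp_epoch": "session", "uri_scheme": "protname",
    "category": "objectname", "media_type": "objecttype",
    "application_type": "useragent", "reputation": "status",
}

def header_mismatches(header):
    """Return (position, expected, found) for every column out of sequence."""
    found = [h.strip().lower() for h in header]
    width = max(len(found), len(EXPECTED_KEYS))
    pad = lambda keys: keys + [None] * (width - len(keys))
    return [(i, e, f) for i, (e, f) in
            enumerate(zip(pad(EXPECTED_KEYS), pad(found))) if e != f]

def parse_flat_file(text):
    """Check the header row, then map each record to metadata field names."""
    rows = csv.reader(io.StringIO(text))
    bad = header_mismatches(next(rows, []))
    if bad:
        raise ValueError(f"key sequence mismatch: {bad}")
    records = []
    for row in rows:
        if len(row) != len(EXPECTED_KEYS):
            continue  # truncated or over-long record: do not guess at fields
        named = dict(zip(EXPECTED_KEYS, row))
        records.append({FIELD_MAP[k]: v for k, v in named.items() if k in FIELD_MAP})
    return records

# Constructed sample input (not taken from a real export).
SAMPLE = (
    ",".join(f'"{k}"' for k in EXPECTED_KEYS) + "\n"
    '"-1","alice","192.0.2.10","GET","5120","312","www.example.com","/index.html",'
    '"OBSERVED","","1700000000","2023-11-14 22:13:20","https","Business",'
    '"text/html","","Minimal Risk"\n'
)
```

A header that is out of sequence raises before any record is mapped, so values are never attributed to the wrong metadata field.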