McAfee cloud security solutions are built to integrate with McAfee device security to streamline your operations. Synchronize your device data loss prevention (DLP) with the cloud to use in any cloud service.

Device Details

| Item | Value |
|---|---|
| Vendor | McAfee |
| Device Type | EndPoint Security |
| Supported Model Name/Number | Cloud Proxy (Endpoints (managed), Standalone computers (unmanaged)) |
| Supported Software Version(s) | N/A |
| Collection Method | Flat File |
| Configurable Log Output? | No |
| Log Source Type | Flat File - McAfee Proxy Cloud |
| Log Processing Policy | LogRhythm Default |
| Exceptions | N/A |
| Additional Information | https://docs.mcafee.com/search?page=5&field-1=All%20Products&q=McAfee%20Cloud%20&sort=score&rpp=10 |

Prerequisites

  • The keys in the log must appear in the following sequence: "user_id", "username", "source_ip", "http_action", "server_to_client_bytes", "client_to_server_bytes", "requested_host", "requested_path", "result", "virus", "request_timestamp_epoch", "request_timestamp", "uri_scheme", "category", "media_type", "application_type", "reputation".

Currently Supported Log Types

| Type | Product Version | Supported Schema Fields |
|---|---|---|
| McAfee Cloud Proxy User Information Messages | ALL | <domain>, <login>, <vendorinfo>, <sip>, <command>, <bytesin>, <bytesout>, <url>, <object>, <result>, <threatname>, <session>, <protname>, <objectname>, <objecttype>, <useragent>, <status> |

Parsed Metadata Fields

| Device Field Name | LogRhythm Metadata Field | Value/Data Type |
|---|---|---|
| User_id | Domain | Text/String |
| Username | Login | Text/String |
| Vendorinfo | Vendorinfo | String |
| Source_ip | Sip | IP Address |
| Http_action | Command | String |
| Server_to_client_bytes | Bytesin | Number |
| Client_to_server_bytes | Bytesout | Number |
| Requested_host | Url | Text/String/IP address |
| Requested_path | Object | Text/String/IP address |
| Result | Result | Text/String |
| Virus | Threatname | Text/String |
| Request_timestamp_epoch | Session | Text/String |
| Uri_scheme | Protname | Text/String |
| Category | Objectname | Text/String |
| Media_Type | Objecttype | Text/String |
| Application_type | Useragent | Text/String |
| Reputation | Status | Text |
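
The key-sequence prerequisite and the field mapping above can be checked before a flat file is handed to the collector. The following is an added example, not LogRhythm or McAfee code: it assumes a comma-separated file with double-quoted values and a header line (the page does not state the delimiter), the function names are hypothetical, and the target names are the lowercase schema tags from the Supported Schema Fields list.

```python
import csv

# Key order required by the Prerequisites section.
EXPECTED_KEYS = [
    "user_id", "username", "source_ip", "http_action",
    "server_to_client_bytes", "client_to_server_bytes", "requested_host",
    "requested_path", "result", "virus", "request_timestamp_epoch",
    "request_timestamp", "uri_scheme", "category", "media_type",
    "application_type", "reputation",
]
# Device field -> LogRhythm schema field, per the Parsed Metadata Fields table.
# request_timestamp has no row in that table, so it stays unmapped.
FIELD_MAP = {
    "user_id": "domain", "username": "login", "source_ip": "sip",
    "http_action": "command", "server_to_client_bytes": "bytesin",
    "client_to_server_bytes": "bytesout", "requested_host": "url",
    "requested_path": "object", "result": "result", "virus": "threatname",
    "request_timestamp_epoch": "session", "uri_scheme": "protname",
    "category": "objectname", "media_type": "objecttype",
    "application_type": "useragent", "reputation": "status",
}
# Constructed sample (assumed layout: comma-separated, double-quoted values).
SAMPLE_HEADER = ",".join(f'"{k}"' for k in EXPECTED_KEYS)
SAMPLE_RECORD = ('"-1","jdoe","192.0.2.10","GET","5120","310","example.com",'
                 '"/index.html","OBSERVED","","1700000000",'
                 '"2023-11-14 22:13:20","https","Business","text/html","","Minimal Risk"')


def check_key_sequence(header_line):
    """Return a list of ordering problems; empty means the header matches."""
    keys = [k.strip() for k in next(csv.reader([header_line]), [])]
    problems = []
    if len(keys) != len(EXPECTED_KEYS):
        problems.append(f"expected {len(EXPECTED_KEYS)} keys, found {len(keys)}")
    for pos, (got, want) in enumerate(zip(keys, EXPECTED_KEYS), start=1):
        if got != want:
            problems.append(f"position {pos}: expected {want!r}, found {got!r}")
    return problems


def map_record(header_line, record_line):
    """Map one record to schema fields; refuse it if the header is out of order."""
    problems = check_key_sequence(header_line)
    if problems:
        raise ValueError("; ".join(problems))
    values = next(csv.reader([record_line]))
    if len(values) != len(EXPECTED_KEYS):
        raise ValueError(f"record has {len(values)} values, expected {len(EXPECTED_KEYS)}")
    return {FIELD_MAP[k]: v for k, v in zip(EXPECTED_KEYS, values) if k in FIELD_MAP}
```

A header with two keys swapped would otherwise put usernames in the domain field and the reverse without any error, which is why the record is rejected rather than mapped positionally.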