Use https://seceonhelp.freshdesk.com/support/login to access updated Knowledge Base Articles, Submit Technical Support Tickets and Review Status of submitted support tickets.
Device Configuration: Trellix (formally Mcafee) Mvision
Overview
The Seceon DSM for McAfee MVISION Cloud collects logs from a McAfee MVISION Cloud Platform. McAfee MVISION Cloud is formerly known as Skyhigh Networks Cloud Security Platform. The following table identifies the specifications for the McAfee MVISION Cloud DSM.
Steps for Configuration:
To add the Mcafee Mvision support ,Follow the steps that are mentioned below.
Enter the name of the device.
Enter the CCE IP.
Now enter the generated Client ID in Access ID/user name and Client Secret in password/Secret Key section.
Now in valid JSON Format in the last field add domain (without https://) as per mentioned in the document of Mvision (https://docs.trellix.com/bundle/epolicy-orchestrator-saas-product-guide/page/GUID-685D8584-97BD-4E19-AE1D-055A2284A7F8.html) and the location where your Mvision is hosted -
{"host": "<mvision-domain>"}
Click on the Save button.
Note: As API can pull mini of last 24-hour (instead of 15-min) therefore cronjob will run every morning 5 AM to pull last 24-hour logs to avoid data loss or getting redundant logs.
Verification
Go to the System tab and check that we are seeing Trellix Mvision
Seceon Inc. All rights reserved. https://www.seceon.com