Generating queries and reports

McAfee ePO Cloud comes with its own querying and reporting capabilities.

In addition to the querying and reporting systems, you can use these logs to gather information about activities on your McAfee ePO Cloud server and your network:

  • Audit Log
  • Server Task Log
  • Threat Event Log

Queries

Queries enable you to poll McAfee ePO Cloud data. Information gathered by queries is returned in the form of charts and tables.

  • Query results are actionable — Query results displayed in tables have actions available for selected items. Actions are available at the bottom of the results page.
  • Exported results — Query results can be exported to four formats. Exported results are historical data and are not refreshed like other monitors when used as dashboard monitors. Like query results and query-based monitors displayed in the console, you can drill down into the HTML exports for more detailed information. Unlike query results in the console, you cannot select an action when viewing exported data. You can export to these file formats: .csv, .xml, .html, and .pdf.

Reports

Reports package query results into a PDF document, enabling offline analysis.

Generate reports to share information about your network environment, such as threat events and malware activity, with security administrators and other stakeholders.