SIEM Collector overview


The SIEM Collector is a host-based utility that sends events to a McAfee Event Receiver. It can be configured to send events from local or remote Windows computers.

Key features

  • Free add-on to ESM
  • Windows events, log tailing, Custom SQL and SQL C2 Auditing data collection and forwarding
  • Supports WEF forwarded Windows events
  • Can be configured and deployed through McAfee ePolicy Orchestrator
  • Small footprint, high volume

How it works