McAfee Security for Microsoft Exchange 8.6.0

Filter events

Specify which MSME events generated from the client systems are to be forwarded to the server.

By default, all MSME events are enabled. Filter events based on the bandwidth used in your environment, and event‑based queries required.

For more details on event filtering, see the product guide for your version of the ePolicy Orchestrator software.

Task
1 Log on to the ePolicy Orchestrator server as an administrator.
2 Click Menu | Configuration | Server Settings, select Event filtering, then click Edit at the bottom of the page.
3 Select All events to the server to forward all events to the ePolicy Orchestrator server, or select Only selected events to the server and select the MSME specific client events that you want to forward.
MSME events are prefixed with McAfee Security for Microsoft Exchange such as these:
34150: McAfee Security for Microsoft Exchange Packer detected (High) 34156: McAfee Security for Microsoft Exchange Denial of service triggered (High)
34151: McAfee Security for Microsoft Exchange Phish detected (High) 34157: McAfee Security for Microsoft Exchange Protected content triggered (Medium)
34152: McAfee Security for Microsoft Exchange Mail size filter rule triggered (Medium) 34158: McAfee Security for Microsoft Exchange Password protected content detected (Medium)
34153: McAfee Security for Microsoft Exchange Signed content detected (Medium) 34159: McAfee Security for Microsoft Exchange Blocked mime type detected (Medium)
34154: McAfee Security for Microsoft Exchange Encrypted content detected (Medium) 34160: McAfee Security for Microsoft Exchange statistics and average scan time (Info)
34155: McAfee Security for Microsoft Exchange Corrupted content detected (Medium) 34161: McAfee Security for Microsoft Exchange TIE detection (Medium)
4 Click Save.
The selected events are forwarded at the next agent‑server communication.