Easy, highly distributed event collection

Protect All Collected Events

Collect tens of thousands of events per second with a single McAfee Event Receiver and cache all data locally to preserve it in the event of a network communication error or outage.

Leverage Diverse Collection Methods

Use various event collections, including passive log collection, authenticated log collection, CEF, OPSEC, SDEE, XML, ODBC, and encrypted collection validated to FIPS 140-2 Level 2.

Ensure Flexible Architecture

Select fully centralized all-in-one event collection and management or fully distributed event collection, available in both physical and virtual appliances and rated for several thousand to tens of thousands of events per second.

Scalable Log Collection

Collect event and flow information from hundreds of third-party devices, including intrusion prevention systems (IPS), switches, routers, servers, workstations, identity and authentication systems, vulnerability assessment scanners, and more.

Instant Access to Data

Preserve and store all details of parsed and correlated events in a highly indexed database for fast retrieval and analysis.

Systemwide Threat Detection

Correlate events collected by other distributed receivers to detect larger incidents.

Product features

Flexible Deployment Options

Make highly distributed deployment easier and more cost effective with virtual appliances.

Data Sheet


Free Trial


More Information

Contact Us
Trellix Logo

You're exiting McAfee Enterprise.

Please pardon our appearance as we transition from McAfee Enterprise to Trellix.

Exciting changes are in the works.

We look forward to discussing your enterprise security needs.

You will be redirected in 0 seconds. If not, please click here to continue

McAfee Logo