Security Operations - McAfee ESM Sightings Search workflow

Security Operations - McAfee ESM Sightings Search workflow is the implementation for the Splunk integration launched by the Security Operations Integration - Sightings Search workflow.

About this task

Workflow process activities include:

• Execution Tracking - Begin activity
• Collect McAfee Configurations activity
• Capability Execution Tracking - Failure activity
• McAfee ESM Event Query activity
• Checks to see if the MID Server is running.
• Persist Observable Sightings activity - returns search results in an array.
• Capability Execution Tracking - Complete activity