mcafee.msc
#
$ target-query <path/to/target> -f mcafee.msc
Module |
|
Output |
|
Module documentation
No documentation
Function documentation
Return msc log history records from McAfee.
- Yields McAfeeMscLogRecord with the following fields:
hostname (string): The target hostname. domain (string): The target domain. ts (datetime): timestamp. ip (net.ipadress): IP of suspicious connection (if available). tcp_port (net.tcp.Port): TCP Port of suspicious incoming connection (if available). udp_port (net.udp.Port): UDP Port of suspicious incoming connection (if available). threat (string): Description of the detected threat (if available). message (string): Message as reported in the user interface (might include template slots). keywords (string): Unparsed fields that might be visible in user interface. fkey (string): Foreign key for reference for further investigation.