mcafee.msc

$ target-query <path/to/target> -f mcafee.msc
Details

Module: apps.av.mcafee.McAfeePlugin

Output: records

Module documentation: No documentation

Function documentation

Return msc log history records from McAfee.

Yields McAfeeMscLogRecord with the following fields:

- hostname (string): The target hostname.
- domain (string): The target domain.
- ts (datetime): Timestamp.
- ip (net.ipaddress): IP of suspicious connection (if available).
- tcp_port (net.tcp.Port): TCP port of suspicious incoming connection (if available).
- udp_port (net.udp.Port): UDP port of suspicious incoming connection (if available).
- threat (string): Description of the detected threat (if available).
- message (string): Message as reported in the user interface (might include template slots).
- keywords (string): Unparsed fields that might be visible in the user interface.
- fkey (string): Foreign key for reference for further investigation.
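A triage pass over these records, as an added example that is not part of the plugin or the Dissect project: it groups records by the `ip` field and sets aside records where `ip` is not available. It assumes the records have already been converted to plain dicts keyed by the field names above; the `triage` function and all sample values are constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime

# Constructed records: field names come from the list above, values are made up.
SAMPLE_RECORDS = [
    {"hostname": "ws01", "domain": "corp.example", "ts": "2023-03-01T10:15:00",
     "ip": "203.0.113.7", "tcp_port": 445, "udp_port": None, "threat": None,
     "message": "Blocked incoming TCP connection", "keywords": "", "fkey": "k-001"},
    {"hostname": "ws01", "domain": "corp.example", "ts": "2023-03-01T10:17:30",
     "ip": "203.0.113.7", "tcp_port": None, "udp_port": 137, "threat": None,
     "message": "Blocked incoming UDP connection", "keywords": "", "fkey": "k-002"},
    {"hostname": "ws01", "domain": "corp.example", "ts": "2023-03-02T08:00:00",
     "ip": None, "tcp_port": None, "udp_port": None,
     "threat": "Constructed.Test.Threat",
     "message": "Threat detected", "keywords": "", "fkey": "k-003"},
]


def triage(records):
    """Return (per-IP summary, records without an IP) for msc log records."""
    by_ip = defaultdict(lambda: {"first": None, "last": None, "ports": set(),
                                 "threats": set(), "fkeys": []})
    without_ip = []
    for rec in records:
        # ip, tcp_port, udp_port and threat are only filled "if available".
        if not rec.get("ip"):
            without_ip.append(rec)
            continue
        entry = by_ip[str(rec["ip"])]
        ts = datetime.fromisoformat(rec["ts"])
        entry["first"] = ts if entry["first"] is None else min(entry["first"], ts)
        entry["last"] = ts if entry["last"] is None else max(entry["last"], ts)
        for proto in ("tcp", "udp"):
            port = rec.get(f"{proto}_port")
            if port is not None:
                entry["ports"].add((proto, int(port)))
        if rec.get("threat"):
            entry["threats"].add(rec["threat"])
        entry["fkeys"].append(rec["fkey"])  # keep for follow-up lookups
    return dict(by_ip), without_ip


if __name__ == "__main__":
    summary, rest = triage(SAMPLE_RECORDS)
    for ip, e in sorted(summary.items()):
        print(ip, e["first"], e["last"], sorted(e["ports"]), e["fkeys"])
    print("records without ip:", [(r["ts"], r["threat"], r["fkey"]) for r in rest])
```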