Trigger additional actions in McAfee ePO integration

  • Rversion finale: Australia
  • Mis à jour 12 mars 2026
  • 1 minute de lecture

    • The List Threat Events and Initiate Malware Scan capabilities can be triggered from Run Additional Actions.​

    Avant de commencer

    Role required: sn_si.admin

    Pourquoi et quand exécuter cette tâche

    You can configure and trigger additional actions in the McAfee ePO integration enables by using Run Additional Actions on Endpoint, which include the McAfee ePO List Threat Events and McAfee ePO Initiate Malware Scan capabilities.

    Procédure

    1. Navigate to Security Incidents > Show All Incidents.
    2. Select the security incident on which you want to run the additional actions.
    3. In the Related Links section, click Run Additional Action(s) on Endpoint.
    4. Browse and select the capability implementation that you want to trigger from the list of additional actions.
      For example, McAfee ePO List Threat Events.
    5. Select Include Related CI to run this additional action on all the related CIs of the profile.
      For example, if there are five CIs associated with the security incident, then the selected profile runs on all the five CIs.
    6. Click Run Additional Actions.
      Figure 1. McAfee ePO Threat Event Details
      McAfee ePO Threat Event Details
      Remarque :
      All the related list tables extend the base tables. In this example, the McAfee EPO Threat Event Details table is an extended table of the Additional Actions on Endpoint base table.
    7. View and validate the McAfee ePO Threat Event Details on the related lists.