Knowledge Center

How to use MER tools with supported McAfee products
Technical Articles ID:   KB59385
Last Modified:  9/19/2017


McAfee Minimum Escalation Requirements (MER) tools
Multiple McAfee products


The MER tools collect the following McAfee product data from your computer so that Technical Support can analyze and resolve issues:
  • Event logs
  • File version details
  • Files
  • Process details
  • Registry details

WebMER tool
The WebMER tool covers a large number of McAfee products running on Windows operating systems. See KB69396 for the products and operating systems currently supported.

There is also an ePolicy Orchestrator (ePO) deployable version that uses the ePO console to run the tool on client computers. See KB69308 for details.

How to use the WebMER tool 
  1. Download the WebMER tool:
    1. Log on to the ServicePortal.
    2. Download the WebMER tool at: https://support.mcafee.com/webmer

      You can select from the following three download formats:
      Download format File Comment
      EXE Mer.exe  
      ZIP Mer.zip  
      ProtectedZip MerProtected.zip Password is secret

       NOTE: If you download the file as a ZIP or ProtectedZip, you must extract the tool. 
      You can select one of the following downloads:
      Download options

  2. Run the tool on the computer for which you need the report:
    1. Right-click Mer.exe, and select Run as Administrator.
    2. Select the required Language.
    3. Click I accept the 'End user License Agreement', and then click Next.
    4. By default, WebMER detects the installed products using Auto-Detect product(s). If you want the MER results for specific products, choose Select product(s) and then select the products you want.
    5. Click Start and wait for the WebMER tool to complete.
    6. Specify the location to save the <Computer_Name>_X.tgz file, and then click Save.

      NOTE: If the WebMER tool is run multiple times, the file name will increment the value X by 1.
  3. Upload the WebMER results to McAfee: 
    1. When you are prompted to Upload to McAfee, click Yes.
    2. In the SR # field, type your Service Request (SR) reference number.
    3. In the Email Address field, type your email address for this request.
    4. Click Upload. This uploads a file with the following file name: <Computer_Name>_<Service_Request_Number>X.tgz. Files uploaded in this fashion will be attached to the provided SR automatically, and will be viewable on the ServicePortal.
Command line options for the WebMER tool
You can run the WebMER tool from Windows Explorer, but you can also start it from a command line. When you run the MER tool from the command line, you can use the following parameters:
Switch Function
/save [path] Saves MER results to the full path specified.
Provides help for the command line.
/listproducts Lists supported products.
/detected Collects MER for installed McAfee products.
/prods Selected products for running MER.
/logs Number of days of Application Logs, System Logs, and Security logs to collect. Specify -1 to avoid collection for any of the event logs.
/silent MER runs in silent mode.
/sanitize Remove IP address, MAC address, Domain names, and Computer names from the MER result file.
/sr [SR number] Upload results to the provided SR number.

Example 1: MER.exe /detected /save c:\mer.tgz /silent
Example 2: MER.exe /prods "VirusScan Enterprise" /save c:\mer.tgz
Example 3: MER.exe /detected /save c:\mer.tgz /sr 1-123456789 /sanitize

Product-specific MER tools
These tools are for McAfee programs that use non-Windows operating systems. To collect MER data, download the appropriate MER tool using the following table:


McAfee Product Downloads Comments
Data Exchange Layer (DXL) Server MER tool is attached to KB82851.  
DLP Discover 9.4.x Gather additional logs manually. Run the WebMER tool and then see KB87249 to gather additional logs.
Email and Web Security appliance software 5.x
Email Gateway 7
Built in to the appliance troubleshooting tools. See KB51709 - EWS and MEG built-in troubleshooting tools.
Endpoint Protection for Mac (EPM) Has a built-in MER tool.* See KB87626 for instructions to run the MER tool.
Endpoint Security for Linux Threat Prevention (ENSLTP) Has a built-in MER tool. See KB88197 for instructions to run the MER tool.
Endpoint Security for Mac (ENSM) Has a built-in MER tool. See KB87626 for instructions to run the MER tool.
Host Intrusion Prevention 8.0 MER tool (Linux, Solaris):
https://support.mcafee.com/SPR/WebContent/ToolsBinaries/MERtool_v7.sh Navigate to the location of the (.sh) file and run the following command:
sudo sh ./MERtool_v7.sh
McAfee Agent for Linux / UNIX MER tool is attached to KB83005.  
McAfee Agent for Mac MER tool is attached to KB86785.  
Network Security Manager (NSM) InfoCollector
InfoCollector is supplied with ISM. The path to InfoCollector depends on the location of the NSM Installation:


Run the Infocollector.bat file to collect the logs. Refer to the accompanying readme.txt for instructions.
Policy Auditor Agent 5.0, 5.0.1, 5.1.0, 5.2.0 (Linux, HPUX, Mac, Solaris, AIX) PA_MER_Unix.zip  
Preventsys preventsys_mer_tool.zip  
Threat Intelligence Exchange (TIE) Server MER tool is attached to KB82850.  
VirusScan Command Line Scanner for Linux (UNIX) MER tool is attached to KB65782.  
VirusScan Command Line Scanner for Solaris MER tool is attached to KB65799.  
VirusScan for Mac (VSMAC)
Has a built-in MER tool.*

See KB87626 for instructions to run the MER tool.

VirusScan for UNIX linux-uvscan-mert.zip  

*For Apple System Profiler, see KB57072.


The content of this article originated in English. If there are differences between the English content and its translation, the English content is always the most accurate. Some of this content has been provided using Machine Translation translated by Microsoft.

Rate this document

Did this article resolve your issue?

Please provide any comments below

Beta Translate with

Select a desired language below to translate this page.

Glossary of Technical Terms

 Highlight Glossary Terms

Please take a moment to browse our Glossary of Technical Terms.