FireEye Central Management (CM)

Version: 1.1
Updated: Jul 06, 2023

Centralized device and intelligence management to correlate data across attack vectors.

Actions

  • Get Alert Info (Enrichment) - Query FireEye CM for alert details.
  • Get ATI Details (Enrichment) - Query FireEye Advanced Threat Intelligence for intelligence data.
  • Get Event Info (Enrichment) - Get information from a previously generated event.
  • Add Snort Rule (Containment) - Add a new Snort rule.
  • Add YARA Rule (Containment) - Add a new YARA rule.
  • Acknowledge Alert (Containment) - Notate a previously generated alert.

Change Log

  • June 21, 2019 - First upload
  • July 6, 2023 (v1.1) - Updated the integration with Environmental Variables

Copyright © 2024 by Sumo Logic, Inc.