Human-readable event message or description of the event

This API supports search conditions (such as logical operators and special characters) to narrow the events to be retrieved. The time in the result schema and is typically the event creation time. You must specify the time range using the start_time parameter and the end_time parameter (the maximum time range is 7 days).

!satp-command-cancel command=command_id

Symantec ATP Command Cancel # Symantec ATP Command ID: command_id # ID

Accepts search requests over a specified time range and returns events that match the search condition.

Satp-command-cancel Input # Argument Name

Error code for cancelling - 0 if successful

!satp-command-state command="command_id"

Human Readable Output # Symantec ATP Command ID: command_id # ID

Retrieve the command state

Base Command #

For delete, array of objects, each with hash and device_uid attributes (supports comma-delimited hash:uid,hash:uid as well).

Possible values are: isolate_endpoint, rejoin_endpoint, delete_endpoint_file.

For isolate and rejoin a list of endpoint ids (array or comma-separated).

Issue commands to endpoints managed by Symantec Endpoint Protection

Base Command #

!satp-appliances

Human Readable Output # appliance_id

Retrieve the appliances configured with the versions

Base Command #

You can execute these commands from the Cortex XSOAR CLI, as part of an automation, or in a playbook.

After you successfully execute a command, a DBot message appears in the War Room with the command details.

For example - "updated>='T15:39:55.616Z' and updated<'T00:00:00.000Z' "

Click Test to validate the URLs, token, and connection.

Parameter

Client ID as generated in the ATP console

First fetch timestamp (, e.g., 12 hours, 7 days).

Search for Symantec Advanced Threat Protection.

Click Add instance to create and configure a new integration instance.

Navigate to Settings > Integrations > Servers & Services.
Configure Symantec Advanced Threat Protection on Cortex XSOAR # This integration was integrated and tested with Symantec Advanced Threat Protection v3.0. Advanced protection capabilities from Symantec