
A wild card search can be done using '*' at the end of the query. The name of the group to which the endpoint belongs. The number of results to include on each page. Possible values are: CentOs, Debian, Fedora, MacOSX, Oracle, OSX, RedHat, SUSE, Ubuntu, Win10, Win2K, Win7, Win8, WinEmb7, WinEmb8, WinEmb81, WinFundamental, WinNT, Win2K3, Win2K8, Win2K8R2, WinVista, WinXP, WinXPEmb, WinXPProf64. The default is "0", which returns all results. Indicates when a computer's status was last updated. Base Command # Filters by the host name of the computer.
You can execute these commands from the Cortex XSOAR CLI, as part of an automation, or in a playbook. After you successfully execute a command, a DBot message appears in the War Room with the command details. Parameter Click Test to validate the URLs, token, and connection. Search for Symantec Endpoint Protection V2. Click Add instance to create and configure a new integration instance. Navigate to Settings > Integrations > Servers & Services. A System Administrator (sysadmin) role is required. Configure Symantec Endpoint Protection V2 on Cortex XSOAR # Note: An Administrator role does not have enough permissions for this integration. The following role is required to use the Symantec Endpoint Protection API:
Scan/Quarantine/content-update an endpoint. Query the Symantec Endpoint Protection Manager using the official REST API. To connect to the cloud portal, you enroll a 14.0.1 Symantec Endpoint Protection Manager domain in the 14.1 cloud portal. This Integration is part of the Symantec Endpoint Protection Pack. If you do not enroll in the cloud portal, you continue to manage your client computers entirely from Symantec Endpoint Protection Manager. The 14.1 cloud portal lets you manage Symantec Endpoint Protection Manager clients and includes some additional functionality that Symantec Endpoint Protection Manager does not have. You do not need to upgrade to a new 14.1 management server or new 14.1 clients. The functionality for Symantec Endpoint Protection Manager and the clients does not change, and the user interface for both components is still labeled as 14.0.1. Symantec Endpoint Protection 14.1 includes the cloud portal, a 14.0.1 Symantec Endpoint Protection Manager, and 14.0.1 clients. Version 14.1 releases about the same time as 14.0.1. 14.0.1 also includes components to connect to and manage Symantec Endpoint Protection Manager from a new cloud portal that is part of the subsequent release, version 14.1. Symantec Endpoint Protection 14.0.1 is the next release after version 14 MP2 and includes improvements for both the Symantec Endpoint Protection Manager and the Symantec Endpoint Protection clients.