Latest Version 2.3.2
April 28, 2025
Warning
Splunkbase Classic has been deprecated and will be deactivated on February 18, 2026.
FireEye HX
FireEye HX Endpoint Security
Built by
Compatibility
SOAR On-Prem, SOAR Cloud
Platform Version: 8.4, 8.0, 7.2, 7.1, 7.0, 6.4, 6.3, 6.2, 6.1, 6.0, 5.5, 5.4, 5.3, 5.2, 5.1
Rating
0
(0)
Log in to rate this app
Support
Not Supported
Ranking
#46
in Endpoint
FireEye HX Endpoint Security
Supported Actions
- test connectivity: Validate the asset configuration for connectivity using supplied configuration
- get system info: Get system information for an endpoint
- quarantine device: Request to contain the endpoint
- get quarantine status: Get the containment status for an endpoint
- set quarantine approved: Approve containment request for host
- unquarantine device: Containment cancellation for host
- get acquisition status: Get status of file acquisition
- get triage: Request Endpoint Host Triage Package
- list device groups: Retrieve a list of host sets in HX optionally filtered by name
- get device group: List endpoints in a host set
- list endpoints: List and search the endpoints on HX
- list acquisitions: Retrieve a list of all acquisitions with optional filters
- start acquisition: Request a file to be acquired into FireEye HX
- get file: Pull the acquired file into Phantom Vault
- get alert: Pull single alert info by ID
Categories
Endpoint
Created By
SOAR Community
Source Code
GitHub(Opens new window)Type
connector
Downloads
1,168
Licensing
Apache License 2.0(Opens new window)Splunk Answers
Ask a question about this app listing(Opens new window)Resources
Log in to report this app listing