Warning
Splunkbase Classic has been deprecated and will be deactivated on February 18, 2026.
FireEye HX app icon

FireEye HX

FireEye HX Endpoint Security

Built by
soar product badge
Latest Version 2.3.2
April 28, 2025
Compatibility
SOAR On-Prem, SOAR Cloud
Platform Version: 8.4, 8.0, 7.2, 7.1, 7.0, 6.4, 6.3, 6.2, 6.1, 6.0, 5.5, 5.4, 5.3, 5.2, 5.1
Rating

0

(0)

Log in to rate this app
Support
FireEye HX support icon
Not Supported
Ranking

#46

in Endpoint
FireEye HX Endpoint Security

Supported Actions

  • test connectivity: Validate the asset configuration for connectivity using supplied configuration
  • get system info: Get system information for an endpoint
  • quarantine device: Request to contain the endpoint
  • get quarantine status: Get the containment status for an endpoint
  • set quarantine approved: Approve containment request for host
  • unquarantine device: Containment cancellation for host
  • get acquisition status: Get status of file acquisition
  • get triage: Request Endpoint Host Triage Package
  • list device groups: Retrieve a list of host sets in HX optionally filtered by name
  • get device group: List endpoints in a host set
  • list endpoints: List and search the endpoints on HX
  • list acquisitions: Retrieve a list of all acquisitions with optional filters
  • start acquisition: Request a file to be acquired into FireEye HX
  • get file: Pull the acquired file into Phantom Vault
  • get alert: Pull single alert info by ID

Categories

Endpoint

Created By

SOAR Community

Source Code

GitHub(Opens new window)

Type

connector

Downloads

1,170

Licensing

Apache License 2.0(Opens new window)

Splunk Answers

Ask a question about this app listing(Opens new window)

Resources

Log in to report this app listing