This repository has been archived by the owner on May 23, 2019. It is now read-only.

FireEye

Gabriel Iovino edited this page May 11, 2015 · 4 revisions

This page is Under Construction

Ingress

Explore taking in data from a FireEye appliance. On page 9 of the guide[1] it looks like you can export FireEye notifications to:

  1. Email
  2. HTTP
  3. rsyslog
  4. SNMP

In the following formats:

  1. Text (Normal, Concise, Extended)
  2. JSON (Normal, Concise, Extended)
  3. XML (Normal, Concise, Extended)

ToDo:

Export JSON -> Store JSON -> Parse JSON -> Push threat intelligence into CIF

[1] FireEye + Splunk: Intermediate Guide
https://www.fireeye.com/resources/pdfs/FireEye-Splunk-Intermediate-Guide.pdf
