jameer2000 Absent Member.
Absent Member.
379 views

FireEye Payload.

I would like to retrieve payload from my fireeye web mps device into the ESM.  Does any know what field on the connector has to be turned on.

Or what is the best way to retrieve Fireeye payload data in the ESM. 

Labels (3)
0 Likes
Reply
3 Replies
Highlighted
aaron.wayne@hpe1 Absent Member.
Absent Member.

Re: FireEye Payload.

currently they do not have the capability for this; however, i plan on eventually getting around to writing a tool to do this.

I have done something similar with palo alto networks devices.

0 Likes
Reply
aaron.wayne@hpe1 Absent Member.
Absent Member.

Re: FireEye Payload.

oh forgot to mention I will post the script here when I finally hack my way around to get what I am trying to do to work.

0 Likes
Reply
aaron.wayne@hpe1 Absent Member.
Absent Member.

Re: FireEye Payload.

I will post this to this thread later today it will only cost you one large Dominos pizza.  

Sorry for the delay in response busy like the rest of the world.  I will show you how to edit the code to fit your environment.  Can help you compile the code into a binary .exe file for easy portability.  That connector works by default cef udp and you cant send payload via udp anyway I can help.

0 Likes
Reply
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.