Symantec Endpoint Protection 12

Integration version: 11.0

Configure Symantec Endpoint Protection integration in Google Security Operations SOAR

For detailed instructions on how to configure an integration in Google Security Operations SOAR, see Configure integrations.

Actions

Get Report

Description

Get a command status report.

Parameters

Parameter Type Default Value Description
Command IDS String 7E975C32C71349E9BE495EC2220B902F N/A

Use cases

N/A

Run On

This action runs on all entities.

Action Results

Entity Enrichment

N/A

Insights

N/A

Script Result
Script Result Name Value Options Example
reports N/A N/A
JSON Result
[
    {
        "computerName": "HOST_1",
        "subStateId": 0,
        "hardwareKey": "36817A7B13C3A6317932AD9819097123",
        "computerId": "9C9850840A0000BD3566F8ECC8417123",
        "domainName": "Default",
        "stateId": 0,
        "computerIp": "1.1.1.1",
        "currentLoginUserName": "admin"
    }, {
        "computerName": "HOST_2",
        "subStateId": 0,
        "hardwareKey": "36817A7B13C3A6317932AD9819097123",
        "computerId": "9C9850840A0000BD3566F8ECC8417123",
        "domainName": "Default",
        "stateId": 0,
        "computerIp": "1.1.1.1",
        "currentLoginUserName": "admin"
    }
]

Scan Endpoint

Description

Scan an endpoint.

Parameters

Parameter Type Default Value Description
Scan Type List` ScanNow_Full The type of the scan to perform. ScanNow_Full = Full scan, ScanNow_Quick = quick scan, ScanNow_Custom = custom scan.

Use cases

N/A

Run On

This action runs on the following entities:

  • IP Address
  • Hostname

Action Results

Entity Enrichment

N/A

Insights

N/A

Script Result
Script Result Name Value Options Example
success True/False success:False
JSON Result
N/A

Update and Scan Endpoint

Description

Update and scan an endpoint.

Parameters

N/A

Use cases

N/A

Run On

This action runs on the following entities:

  • IP Address
  • Hostname

Action Results

Entity Enrichment

N/A

Insights

N/A

Script Result
Script Result Name Value Options Example
success True/False success:False
JSON Result
N/A

Update Endpoint

Description

Update an endpoint.

Parameters

N/A

Use cases

N/A

Run On

This action runs on the following entities:

  • IP Address
  • Hostname

Action Results

Entity Enrichment

N/A

Insights

N/A

Script Result
Script Result Name Value Options Example
success True/False success:False
JSON Result
N/A

Ping

Description

Test Connectivity.

Parameters

N/A

Use cases

N/A

Run On

This action runs on all entities.

Action Results

Entity Enrichment

N/A

Insights

N/A

Script Result
Script Result Name Value Options Example
success True/False success:False
JSON Result
N/A

Need more help? Get answers from Community members and Google SecOps professionals.