Skip to main content

FireEye Network Security (NX)

Download With Dependencies

FireEye Network Security is an effective cyber threat protection solution that helps organizations minimize the risk of costly breaches by accurately detecting and immediately stopping advanced, targeted, and other evasive attacks hiding in Internet traffic.

This pack includes XSIAM content.

How configure Rsyslog on FireEye

  1. Log into the FireEye appliance with an administrator account.
  2. Click Settings.
  3. Click Notifications.
  4. Click rsyslog.
  5. Check the Event type checkbox.
  6. Make sure Rsyslog settings are:
    • Default format: CEF
    • Default delivery: Per event
    • Default send as: Alert

Collect Events from Vendor

In order to use the collector, you can use one of the following options to collect events from the vendor:

In either option, you will need to configure the vendor and product for this specific collector.

Broker VM

You will need to use the information described here.\
You can configure the specific vendor and product for this instance.

  1. Navigate to Settings > Configuration > Data Broker > Broker VMs.
  2. Right-click, and select Syslog Collector > Configure.
  3. When configuring the Syslog Collector, set:
    • vendor as FireEye
    • product as mps




Cortex XSOARCortex XSIAM


CertificationRead more
Supported ByCortex
CreatedNovember 9, 2020
Last ReleaseDecember 2, 2022

Content packs are licensed by the Publisher identified above and subject to the Publisher’s own licensing terms. Palo Alto Networks is not liable for and does not warrant or support any content pack produced by a third-party Publisher, whether or not such packs are designated as “Palo Alto Networks-certified” or otherwise. For more information, see the Marketplace documentation.