Skip to main content

Forescout EyeInspect

Download With Dependencies

Get in-depth device visibility for OT networks

This pack enables you to gain complete device visibility in-depth device visibility for your computing systems that are used to manage industrial operations.

What does this pack do?

  • Retrieve information about the hosts, links, and alerts in the eyeInspect CC database.
  • Retrieve information about a specific vulnerability stored in the eyeInspect CC database.
  • Retrieve the PCAP file associated to a given alert.
  • Retrieve information about the sensors associated to the eyeInspect CC.
  • Retrieve information about the modules of a specified sensor.
  • Change the properties of specified module.
  • Delete the specified module from the specified sensor and from the eyeInspect CC database.
  • Retrieve the IP blacklist from the Industrial Threat Library of a specified sensor.
  • Add a new entry to the IP blacklist from the Industrial Threat Library of a specified sensor.
  • Retrieve the domain name blacklist from the Industrial Threat Library of a specified sensor.
  • Add a new entry to the domain name blacklist from the Industrial Threat Library of a specified sensor.
  • Retrieve the SSL client application blacklist from the Industrial Threat Library of a specified sensor.
  • Add a new entry to the SSL client application blacklist from the Industrial Threat Library of a specified sensor.
  • Retrieve the file operation blacklist from the Industrial Threat Library of a specified sensor.
  • Add entries to the file operation blacklist from the Industrial Threat Library of a specified sensor.
  • Retrieve information about all monitored Command Center resources and their health status excluding the logs.
  • Download the ZIP file that contains diagnostic logs of the Command Center.
  • Get, create, update, delete group policies.
  • Add all hosts not assigned to any policy (individual or group) matching the filter to the group policy.
  • Unassign all hosts assigned to the group policy matching the filter.
  • Get all IP reuse domains.
  • Retrieve information about the changes of host properties and configuration from the eyeInspect CC database.

This pack enables you to gain complete device visibility in-depth device visibility for your computing systems that are used to manage industrial operations.

What does this pack do?

  • Retrieve information about the hosts, links, and alerts in the eyeInspect CC database.
  • Retrieve information about a specific vulnerability stored in the eyeInspect CC database.
  • Retrieve the PCAP file associated to a given alert.
  • Retrieve information about the sensors associated to the eyeInspect CC.
  • Retrieve information about the modules of a specified sensor.
  • Change the properties of specified module.
  • Delete the specified module from the specified sensor and from the eyeInspect CC database.
  • Retrieve the IP blacklist from the Industrial Threat Library of a specified sensor.
  • Add a new entry to the IP blacklist from the Industrial Threat Library of a specified sensor.
  • Retrieve the domain name blacklist from the Industrial Threat Library of a specified sensor.
  • Add a new entry to the domain name blacklist from the Industrial Threat Library of a specified sensor.
  • Retrieve the SSL client application blacklist from the Industrial Threat Library of a specified sensor.
  • Add a new entry to the SSL client application blacklist from the Industrial Threat Library of a specified sensor.
  • Retrieve the file operation blacklist from the Industrial Threat Library of a specified sensor.
  • Add entries to the file operation blacklist from the Industrial Threat Library of a specified sensor.
  • Retrieve information about all monitored Command Center resources and their health status excluding the logs.
  • Download the ZIP file that contains diagnostic logs of the Command Center.
  • Get, create, update, delete group policies.
  • Add all hosts not assigned to any policy (individual or group) matching the filter to the group policy.
  • Unassign all hosts assigned to the group policy matching the filter.
  • Get all IP reuse domains.
  • Retrieve information about the changes of host properties and configuration from the eyeInspect CC database.

PUBLISHER

PLATFORMS

Cortex XSOARCortex XSIAM

INFO

CertificationRead more
Supported ByCortex
CreatedMay 1, 2022
Last ReleaseAugust 11, 2024
WORKS WITH THE FOLLOWING INTEGRATIONS:
DISCLAIMER
Content packs are licensed by the Publisher identified above and subject to the Publisher’s own licensing terms. Palo Alto Networks is not liable for and does not warrant or support any content pack produced by a third-party Publisher, whether or not such packs are designated as “Palo Alto Networks-certified” or otherwise. For more information, see the Marketplace documentation.