Nozomi Networks sensor integration
The Nozomi Networks platform is used to monitor OT/IoT/IT networks. It combines asset discovery, network visualization, vulnerability assessment, risk monitoring and threat detection in a single solution.
This integration is used to gather alert and asset information from Nozomi.
What does this pack do?
With the NozomiNetworks pack you can:
- Manage incidents
- Import and sync the Nozomi incidents
- You have to look for Nozomi Networks in the Settings > Integrations > Servers & Services section and add an instance.
- Through the nozomi-close-incidents-as-change and nozomi-close-incidents-as-security commands close the incidents inside the Nozomi platform
- Import and sync the Nozomi incidents
- Find assets
- the command nozomi-find-assets return the asset filtered with the attributes passed.
- Query Nozomi entities
- the nozomi-query is a generic command that can be used to query all the Nozomi entities.
- Find ip by mac
- with the command nozomi-find-ip-by-mac