Creates a connection to a remote destination from Tanium Threat Response v2 v2
Tanium Threat Response
- Details
- Content
- Dependencies
- Version History
Use the Tanium Threat Response integration to manage endpoints processes, evidence, alerts, files, snapshots, and connections.
Classifiers
| Name | Description |
|---|---|
Tanium Threat Response |
Incident Fields
| Name | Description |
|---|---|
Tanium Threat Response Priority | |
Tanium Threat Response Scan Config Id | |
Tanium Threat Response Type | |
Tanium Threat Response GUID | |
Tanium Threat Response Event Id | |
Tanium Threat Response Intel Doc Id | |
Tanium Threat Response Scan Config Revision Id | |
Tanium Threat Response Intel Doc Revision Id |
Layouts
| Name | Description |
|---|---|
Tanium Threat Response |
Incident Types
| Name | Description |
|---|---|
Tanium TR Incident |
Playbooks
| Name | Description |
|---|---|
Tanium Threat Response - Create Connection v2 | |
Tanium Threat Response - Request File Download | Request file download from Tanium Threat Response. |
Tanium Threat Response - Create Connection | Creates a connection to a remote destination from Tanium Threat Response. |
Tanium Threat Response - Request File Download v2 | Request file download from Tanium Threat Response v2. |
Integrations
| Name | Description |
|---|---|
| Tanium Threat Response v2 | Use the Tanium Threat Response integration to manage endpoint processes, evidence, alerts, files, snapshots, and connections. This integration works with Tanium Threat Response version 3.0.159 and above. |
| Tanium Threat Response | Use the Tanium Threat Response integration to manage endpoints processes, evidence, alerts, files, snapshots, and connections. This Integration works with Tanium Threat Response version below 3.0.159. In order to use Tanium Threat Response version 3.0.159 and above, use Tanium Threat Response V2 Integration. |
Classifiers
| Name | Description |
|---|---|
Tanium Threat Response |
Incident Fields
| Name | Description |
|---|---|
Tanium Threat Response Priority | |
Tanium Threat Response Scan Config Id | |
Tanium Threat Response Type | |
Tanium Threat Response GUID | |
Tanium Threat Response Event Id | |
Tanium Threat Response Intel Doc Id | |
Tanium Threat Response Scan Config Revision Id | |
Tanium Threat Response Intel Doc Revision Id |
Incident Types
| Name | Description |
|---|---|
Tanium TR Incident |
Playbooks
| Name | Description |
|---|---|
Tanium Threat Response - Create Connection v2 | Creates a connection to a remote destination from Tanium Threat Response v2 v2 |
Tanium Threat Response - Request File Download | Request file download from Tanium Threat Response. |
Tanium Threat Response - Create Connection | Creates a connection to a remote destination from Tanium Threat Response. |
Tanium Threat Response - Request File Download v2 | Request file download from Tanium Threat Response v2. |
Integrations
| Name | Description |
|---|---|
| Tanium Threat Response v2 | Use the Tanium Threat Response integration to manage endpoint processes, evidence, alerts, files, snapshots, and connections. This integration works with Tanium Threat Response version 3.0.159 and above. |
| Tanium Threat Response | Use the Tanium Threat Response integration to manage endpoints processes, evidence, alerts, files, snapshots, and connections. This Integration works with Tanium Threat Response version below 3.0.159. In order to use Tanium Threat Response version 3.0.159 and above, use Tanium Threat Response V2 Integration. |
Required Content Packs (2)
| Pack Name | Pack By |
|---|---|
| Base | By: Cortex XSOAR |
| Common Playbooks | By: Cortex XSOAR |
Optional Content Packs (1)
| Pack Name | Pack By |
|---|---|
| Common Types | By: Cortex XSOAR |
All level dependencies (5)
| Pack Name | Pack By |
|---|---|
| Filters And Transformers | By: Cortex XSOAR |
| Common Playbooks | By: Cortex XSOAR |
| MITRE ATT&CK | By: Cortex XSOAR |
| Cortex REST API | By: Cortex XSOAR |
| Rasterize | By: Cortex XSOAR |
2.1.1 - 3702189 (September 21, 2022)
- 21418
Download
Integrations
Tanium Threat Response v2
- Fixed an issue where the arguments passed to the tanium-tr-create-connection command were not converted to string and were causing an error when using the command in a playbook.
- Updated the Docker image to: demisto/lxml:1.0.0.34090.
- 21418
Download
2.1.0 - 3222685 (July 7, 2022)
- 19821
- 19572
Download
Integrations
Tanium Threat Response v2
- You can now filter fetched alerts by label name with the filter_by_label_name argument in the fetch-incidents command parameter of the instance configuration.
- Added the intel document data to the fetched alert. When an incident for an alert is created, the intel document data is available for use in mappers or classifiers.
- Added the intel document labels to the fetched alert. When an incident for an alert is created, an additional API call is made to get the intel doc label names (useful for mapping or preprocessing incidents).
- Updated the Docker image to: demisto/lxml:1.0.0.31639.
- 19821
- 19572
Download
2.0.14 - 2962208 (May 22, 2022)
Integrations
Tanium Threat Response
- Updated the Docker image to: demisto/python3:3.10.4.29342.
2.0.13 - 2674843 (March 30, 2022)
Integrations
Tanium Threat Response v2
- Added type validations and other internal code improvements.
PUBLISHER
Cortex
PLATFORMS
Cortex XSOARCortex XSIAM
INFO
| Certification | Certified | Read more |
| Supported By | Cortex | |
| Created | September 23, 2020 | |
| Last Release | March 22, 2023 |
WORKS WITH THE FOLLOWING INTEGRATIONS:
