The Veeam App for Palo Alto Networks XSOAR allows Veeam Data Platform Advanced and Premium customers to combine the automation and orchestration features of Cortex XSOAR with a simple and powerful Veeam Data Platform that goes beyond backup, providing businesses with reliable data protection, seamless recovery, and streamlined data management. Using the data received from Veeam Backup & Replication and Veeam ONE REST APIs the Veeam App creates custom incidents related to malware detection and the health state of the backup infrastructure components. These incidents can be managed through built-in Veeam Incident Dashboard and resolved manually or automatically with built-in Veeam playbooks.

The pack includes:

Veeam Incident Dashboard: an overview of all API activities and incidents handled by the Veeam App
Leverage custom incident types and fields related to malware detection and health state of the backup infrastructure components
Predefined incident classifiers and incoming mappers for incident types
Ingestion of the most important security alerts and detections:
- Configuration Backup State
- Malware Detection
- Backup Repository State
- Triggered Alarm
Predefined playbooks to remediate incidents:
- Start configuration backup
- Start Instance VM Recovery manually
- Start Instance VM Recovery automatically
- Resolve alarms triggered by Veeam ONE

Documentation

Veeam App for Palo Alto XSOAR User Guide

Name	Description
GetFolderName
GetRestoredVmName
GetHostName

Name	Description
Veeam Backup & Replication Incidents Classifier
Veeam One Incidents Classifier
Veeam Backup & Replication Incoming Mapper
Veeam One Incoming Mapper

Name	Description
Veeam Event Source Description
Veeam Assigned Object
Veeam Alarm Template ID
Veeam Number of Triggered Alarms
Veeam Backup Object ID
Veeam Last Successful Backup
Veeam Triggered Time
Veeam Event Type Description
Veeam Backup Repository ID
Veeam Malware Detection Method
Veeam Notifications
Veeam Remediation
Veeam Backup Repository Capacity (GB)
Veeam Is Enabled
Veeam Backup Repository Free Space (GB)
Veeam Malware Status
Veeam Number of Stored Restore Points
Veeam Alarm Status
Veeam Alarm Template Name
Veeam Encryption
Veeam Backup Repository Used Space (GB)
Veeam Malware Detection Time
Veeam Backup Scheduling
Veeam Backup Repository Name
Veeam Affected Machine

Name	Description
Malware Detection - Deleted Files
Job Duration
Virtual Machine Replica
Enterprise Application Backup
Malware Detection - Antivirus Scan
Possible Malware Activity
Malware Detection - Unknown
Incremental Backup Size
Malware Detection - Encrypted Files
Malware Detection Change Tracking
Job Disabling
Malware Detection - Yara Scan
Malware Detection - Suspicious Files and Extensions
Job Duration Deviation (Veeam Backup for Microsoft 365)
Malware Detection - Ransomware Notes
Incident Fetch Error
Backup Copy Creation Time
Backup Server Security Status
Physical Machine Backup
Configuration Backup
Immutability State
Virtual Machine Backup
Repository Capacity
Immutability Change Tracking
Malware Detection - Renamed Files

Name	Description
Veeam ONE REST API (Partner Contribution)	Veeam ONE REST API allows you to query information about Veeam ONE entities and perform operations with these entities using HTTP requests and standard HTTP methods.
Veeam Backup & Replication REST API (Partner Contribution)	Veeam Backup & Replication REST API allows you to query information about Veeam Backup & Replication entities and perform operations with these entities using HTTP requests and standard HTTP methods.

Veeam App for Palo Alto Networks XSOAR

Documentation

PUBLISHER

PLATFORMS

INFO

WORKS WITH THE FOLLOWING INTEGRATIONS:

DISCLAIMER

Name	Description
Backup Repository State	Backup Repository State
Triggered Alarm	Triggered Alarm
Configuration Backup	Configuration Backup
Malware Detection	Malware Detection

Name	Description
Veeam - Start Instant VM Recovery Manually	Starts Instant VM Recovery with manual configuration.
Veeam - Start Configuration Backup	Starts configuration backup job for the Veeam Backup & Replication instance.
Veeam - Start Instant VM Recovery Automatically	Starts Instant VM Recovery with automatic configuration.
Veeam - Resolve Triggered Alarms	Resolves Veeam ONE triggered alarms.

Pack Name	Pack By
Base	By: Cortex XSOAR
Common Playbooks	By: Cortex XSOAR
Common Scripts	By: Cortex XSOAR
Filters And Transformers	By: Cortex XSOAR

Pack Name	Pack By
Base	By: Cortex XSOAR
Cortex REST API	By: Cortex XSOAR
Filters And Transformers	By: Cortex XSOAR
Common Scripts	By: Cortex XSOAR
Rasterize	By: Cortex XSOAR
Common Playbooks	By: Cortex XSOAR

Certification	Certified	Read more
Supported By	Partner
Created	September 4, 2024
Last Release	September 4, 2024