This repository has been archived by the owner on Aug 31, 2018. It is now read-only.
FireEye MPS & MAS
robfry edited this page Nov 10, 2014 · 1 revision
FireEye alerts can be processed in two ways: email or syslog. Depending on your network and FireEye configuration, one or both of these might be useful to you.
The email method has the FireEye MPS or MAS appliance send alerts to an email address that FIDO uses to pull in the alerts, parse them, and feed them into the FIDO assembly line.
The syslog method has the FireEye MPS or MAS appliance send alerts to a syslog listener that FIDO uses to write the alerts to the FIDO database, where they are parsed and fed into the FIDO assembly line.