Configuration parameters
credentials— Credentials (required)server— Awake Security server address (required)unsecure— Trust any certificate (not secure)isFetch— Fetch incidentsincidentType— Incident typeproxy— Use system proxy settingsthreat_behaviors— Comma-separated list of threat behaviors to generate incidents for, e.g., "Exfiltration: SSL upload from non-browser to notable domain, Lateral Movement: Unix-based PSEXEC, C2: Possible ICMP tunnel"fetch_interval— Period between incident fetch interval (in minutes) (required)suspicious_threshold— Minimum threshold to determine an indicator suspicious in Demisto (required)malicious_threshold— Minimum threshold to determine an indicator malicious in Demisto (required)integrationReliability— Source ReliabilityfeedExpirationPolicy—feedExpirationInterval—
Commands (8)
-
awake-pcap-downloadDownload a PCAP.
-
awake-query-activitiesQuery activities in Awake Security.
-
awake-query-devicesQuery devices in Awake Security.
-
awake-query-domainsQuery domains in Awake Security.
-
deviceLookup and enrich a device.
-
domainLookup and enrich a domain.
-
emailLookup and enrich an email address.
-
ipLookup and enrich an IP address.