FireEye Email Security
FireEye Email Security (EX) series protects against breaches caused by advanced email attacks.
Email · FireEye Email Security (EX)
Configuration parameters
url— Your server URL (required)credentials— Username (required)isFetch— Fetch incidentsmax_fetch— Max incidents to fetchfirst_fetch— First fetch timestamp (<number> <time unit>, e.g., 12 hours, 7 days, 3 months, 1 year)incidentType— Incident typeinfo_level— Info level for fetched alertsinsecure— Trust any certificate (not secure)proxy— Use system proxy settings
Commands (17)
-
fireeye-ex-create-allowedlistCreates allowed sender domain.
-
fireeye-ex-create-blockedlistCreates the blocked sender domain.
-
fireeye-ex-delete-allowedlistDeletes the allowed sender domain.
-
fireeye-ex-delete-blockedlistDeletes the blocked sender domain.
-
fireeye-ex-delete-quarantined-emailsDeletes quarantined emails. This is not available when Email Security is in Drop mode.
-
fireeye-ex-download-quarantined-emailsDownload quarantined emails.
-
fireeye-ex-get-alert-detailsSearches and retrieves the details of a single alert.
-
fireeye-ex-get-alertsSearches and retrieves FireEye EX alerts based on several filters.
-
fireeye-ex-get-artifacts-by-uuidDownloads malware artifacts data for the specified UUID as a zip file.
-
fireeye-ex-get-artifacts-metadata-by-uuidGets artifacts metadata for the specified UUID.
-
fireeye-ex-get-quarantined-emailsSearches and retrieves quarantined emails.
-
fireeye-ex-get-reportsReturns reports on selected alerts.
-
fireeye-ex-list-allowedlistLists the allowed sender domain by type.
-
fireeye-ex-list-blockedlistLists the blocked sender domain by type.
-
fireeye-ex-release-quarantined-emailsReleases and deletes quarantined emails. This is not available when Email Security is in Drop mode.
-
fireeye-ex-update-allowedlistUpdates the allowed sender domain.
-
fireeye-ex-update-blockedlistUpdates the blocked sender domain.