Nozomi Networks

The Nozomi Networks platform, available as a hardware, virtual appliance, or via the Vantage Cloud product, provides comprehensive monitoring for OT, IoT, and IT networks. It combines asset discovery, network visualization, vulnerability assessment, risk monitoring, and advanced threat detection in a unified solution. The integration is designed to gather alerts and asset information from Nozomi, whether deployed on-premises or in the cloud via Vantage, ensuring seamless visibility and security across environments.

Network Security · Nozomi Networks

Configuration parameters

  • endpoint — Endpoint url (required)
  • credentials — Username (required)
  • insecure — Trust any certificate (not secure)
  • proxy — Use system proxy settings
  • isFetch — Fetch incidents
  • incidentType — Incident type
  • fetchTime — Get incidents from last
  • riskFrom — Get incidents from risk level
  • fecthAlsoIncidents — Fetch also Nozomi incidents
  • incidentFetchInterval — Incidents Fetch Interval
  • incidentPerRun — Incidents per run

Commands (5)

  • nozomi-close-incidents-as-change

    Close incidents as change.

  • nozomi-close-incidents-as-security

    Close incidents as security.

  • nozomi-find-assets

    This command permits you to get some assets from Nozomi, you can use the query filter to to refine your search. With the limits you can decide the max number of assets you can retrieve from Nozomi, the limit can't be bigger than 100.

  • nozomi-find-ip-by-mac

    Find a node ip from a mac address.

  • nozomi-query

    Can execute a nozomi query to get all the information you want. A query can be something like that: "alerts | select id name status ack | where status == open" Take a look to n2os manual to know how to do a query.