McAfee ATD

Version: 2.0.1

McAfee Advanced Threat Defense enhances protection from the network edge to the endpoint and enables investigation.

Connect McAfee ATD with LogicHub

  1. Navigate to Automations > Integrations.
  2. Search for McAfee ATD.
  3. Click Details, then the + icon. Enter the required information in the following fields.
    • Label: Enter a connection name.
    • Reference Values: Define variables here to templatize integration connections and actions. For example, you can use https://www.{{hostname}}.com where, hostname is a variable defined in this input. For more information on how to add data, see 'Add Data' Input Type for Integrations.
    • Verify SSL: Select option to verify connecting server's SSL certificate (Default is Verify SSL Certificate).
    • Remote Agent: Run this integration using the LogicHub Remote Agent.
    • Host: Host for McAfee ATD instance.
    • Username: Username for McAfee ATD.
    • Password: Password for McAfee ATD.
  4. After you've entered all the details, click Connect.

Actions for McAfee ATD

Scan File And Wait For Report

Submits file for scan and waits for the analysis to be completed.

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input Name

Description

Required

Analyzer Profile Id

The profile ID number can be found in the UI Policy/Analyzer Profile page.

Required

Column for File ID

Column name from parent table containing File ID.

Required

Column for File Name

Column name from parent table containing File Name.

Required

Scan File

Submits file for scan and returns Job ID.

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input Name

Description

Required

Analyzer Profile Id

The profile ID number can be found in the UI Policy/Analyzer Profile page.

Required

Column for File ID

Column name from parent table containing File ID.

Required

Column for File Name

Column name from parent table containing File Name.

Required

Scan URL

Submits a URL for scan and returns a job ID (subId).

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input Name

Description

Required

Analyzer Profile Id

Select the name of the column name from parent table to lookup value for.

Required

Column for URL

Column name from parent table containing a URL.

Required

Message ID

String to identify the sample within ATD (up to 128 characters).

Required

Get Report

Retrieve report for already submitted files for scan.

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input Name

Description

Required

Column name

Column name from parent table containing job ID of already submitted files for scan.

Required

Release Notes

  • v2.0.1 - Added documentation link in the automation library.

Did this page help you?
© 2017-2021 LogicHub®. All Rights Reserved.