McAfee ATD

McAfee Advanced Threat Defense enhances protection from the network edge to the endpoint and enables investigation.

Integration with LogicHub

Connecting with McAfee ATD

To connect to McAfee ATD following details are required:

  • Label: Connection name.
  • Reference Values: Define variables here to templatize integration connections and actions. For example, you can use https://www.{{hostname}}.com where, hostname is a variable defined in this input. For more information on how to add data, see 'Add Data' Input Type for Integrations.
  • Host: Host for McAfee ATD instance.
  • Username: Username for McAfee ATD.
  • Password: Password for McAfee ATD.

Actions with McAfee ATD

Scan File And Wait For Report

Submits file for scan and waits for the analysis to be completed.

Inputs to this Action

  • Connections: Choose a connection that you have created.
  • Analyzer Profile Id: The profile ID number can be found in the UI Policy/Analyzer Profile page.
  • Column for File ID: Column name from parent table containing File ID
  • Column for File Name: Column name from parent table containing File Name

Scan File

Submits file for scan and returns Job ID.

Inputs to this Action

  • Connections: Choose a connection that you have created.
  • Analyzer Profile Id: The profile ID number can be found in the UI Policy/Analyzer Profile page.
  • Column for File ID: Column name from parent table containing File ID.
  • Column for File Name: Column name from parent table containing File Name.

Scan URL

Submits a URL for scan and returns a job ID (subId).

Inputs to this Action

  • Connections: Choose a connection that you have created.
  • Analyzer Profile Id: Select the name of the column name from parent table to lookup value for.
  • Column for URL: Column name from parent table containing a URL
  • Message ID: String to identify the sample within ATD (up to 128 characters)

Get Report

Retrieve report for already submitted files for scan.

Inputs to this Action

  • Connections: Choose a connection that you have created.
  • Column name: Column name from parent table containing job ID of already submitted files for scan.

Did this page help you?