Fidelis

Fidelis Elevate is a complete network and endpoint automated threat detection and response platform that improves SOC effectiveness and efficiency. It delivers comprehensive visibility, alert validation, and faster response by applying industry-leading threat intelligence (Fidelis Insight) to real-time and historical data.

Integration with LogicHub

Connecting with Fidelis

To connect to Fidelis, the following details are required:

  • Label: Connection name.
  • Reference Values: Define variables here to templatize integration connections and actions. For example, you can use https://www.{{hostname}}.com, where hostname is a variable defined in this input. For more information on how to add data, see 'Add Data' Input Type for Integrations.
  • Fidelis API URL: URL to Web Server.
  • Username: Username to log in with.
  • Password: Password to log in with.

Actions with Fidelis

List Alerts

Get the list of all alerts.

Inputs to this Action

  • Connections: Choose a connection that you have created.
  • Severity: Severity (Default is All results).
  • Threat Score: Minimum Threat Score to return (Default is 0 Threat Score).
  • Malware Score: Minimum Malware Score to return (Default is Empty value).
  • Ticket Status: Ticket Status (Default is All results).
  • Maximum no of rows to retrieve: Maximum number of rows to retrieve (Default is 1000 rows and Max Limit is 100000 rows).
  • Time Range: Last X time range, days:hours:minutes:seconds. Example: 01:00:00:00. (Default is Batch start time).

Get Alert Details

Get the details of an alert.

Inputs to this Action

  • Connections: Choose a connection that you have created.
  • Alert ID column name: Name of the column in the parent table that contains the alert ID.

Delete Alert

Delete an alert by ID.

Inputs to this Action

  • Connections: Choose a connection that you have created.
  • Alert ID column name: Name of the column in the parent table that contains the alert ID.
