Enrich Cisco AMP device using Cisco Orbital
  • 02 Dec 2024
  • 1 Minute to read
  • Dark
    Light
  • PDF

Enrich Cisco AMP device using Cisco Orbital

  • Dark
    Light
  • PDF

Article summary

Enrich Cisco AMP device using Cisco Orbital enriches devices fetched by the Cisco AMP adapter for:

  • Assets returned by the selected query or assets selected on the relevant asset page.

This action triggers a Live Cisco Orbital Query and adds the information returned by the query to each asset.

See Creating Enforcement Sets to learn more about adding Enforcement Actions to Enforcement Sets.

Note:

Required Fields

These fields must be configured to run the Enforcement Set.

  • Action name - The name of this Enforcement Action. The system sets a default name. You can change the name.
  • Configure Dynamic Values - Toggle on to enter a Dynamic Value statement. See Creating Enforcement Action Dynamic Value Statements to learn more about Dynamic Value statement syntax.

  • Client ID - Enter your Client ID. To generate your Client ID:
    1. Log into to the admin panel of Cisco AMP
    2. Go to the Business Page from the Accounts dropdown menu.
    3. Click Edit.
    4. Under Features, click on the "Regenerate…" button beside 3rd Party API Access to generate the Client ID.
  • Region - Select between North America, Asia Pacific, Japana and China, or Europe.
  • Cisco Orbital Query - Enter a Live Cisco Orbital Query.
  • Compute Node - The Axonius node to use when connecting to the specified host. For more details, see Connecting Additional Axonius Nodes.

Additional Fields

These fields are optional.

  • HTTPS Proxy (optional) - Connect the adapter to a proxy instead of directly connecting it to the domain.
  • HTTPS Proxy User Name (optional) - The user name to use when connecting to the server using the  HTTPS Proxy.
  • HTTPS Proxy Password (optional) - The password to use when connecting to the server using the  HTTPS Proxy.
  • Gateway Name - Select the Gateway through which to connect to perform the action.

APIs

Axonius uses the Cisco Orbital API.

Required Permissions

The stored credentials, or those provided in Connection and Credentials, must have permission to perform this Enforcement Action.


For more details about other Enforcement Actions available, see Action Library.



Was this article helpful?