Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2371
Views
0
Helpful
1
Replies

ThreatGRID analysis notification

gabrieleferrari
Level 1
Level 1

‎11-16-2017 07:48 AM - edited ‎02-20-2020 09:05 PM

Hi All,

I have a question about ThreatGRID appliance integrated with Cisco ESA for local sandbox analysis.

Is it possible to receive notification from ThreatGRID appliance in case of an analized file is classified as Malware?

I.E could be a good option a Syslog Message, an SNMP trap or an HTTP Post through API.

I've seen that in ESA these information are stored in the amp and mail_log log files but mixed with information about good reputation files.

Thanks

Best regards

Gabriele

0 Helpful
1 Reply 1

yogdhanu
Cisco Employee
Cisco Employee

‎12-20-2017 10:42 AM

Hello,

There is syslog option in Threatgrid. There is also TG API you can use.

All API documentation can be found here at https://panacea.threatgrid.com/doc/main/api.html

Thanks,

Yogesh

0 Helpful
Customers Also Viewed These Support Documents