
FireEye Endpoint Security

FireEye Endpoint Security (formerly HX) is an agent-based Endpoint Security solution that provides malware detection and protection, file quarantine, and exploit detection and protection.

Configuring the Connector for FireEye Endpoint Security

To configure Lucidum to ingest data from FireEye Endpoint Security:

  1. Log in to Lucidum.

  2. In the left pane, click Connector.

  3. In the Connector page, click Add Connector.

  4. Scroll until you find the Connector you want to configure. Click Connect. The Settings page appears.

  5. In the Settings page, enter the following:

    • Host (required) - The hostname or IP address of the FireEye Endpoint Security management server.

    • Port (optional) - Default is 3000.

    • User Name and Password (required) - A valid user account on FireEye Endpoint Security associated with the api_admin or api_analyst role.

    • Verify SSL - For future use.

  6. To test the configuration, click Test.

    • If the connector is configured correctly, Lucidum displays a list of services that are accessible with the connector.

    • If the connector is not configured correctly, Lucidum displays an error message.

Supported Actions

  • Run malware scans on Mac OSX hosts: POST /scans

  • Contain a host: POST/PATCH /hosts/{agent_id}/containment

  • Release a host from containment: DELETE /hosts/{agent_id}/containment
