Portnox

Integration version: 7.0

Configure Portnox Integration in Google Security Operations SOAR

For detailed instructions on how to configure an integration in Google Security Operations SOAR, see Configure integrations.

Actions

Enrich Device

Description

Enrich each of the query result devices (based on MAC address) with additional data from Portnox.

Parameters

N/A

Use cases

N/A

Run On

This action runs on the following entities:

  • IP Address
  • MAC Address

Action Results

Entity Enrichment

N/A

Insights

N/A

Script Result
Script Result Name Value Options Example
success True/False success:False
JSON Result
N/A

Get Device History

Description

Get device history.

Parameters

Parameter Type Default Value Description
Days Backwards String N/A Fetch history 'x' days backwards. Example: 1

Use cases

N/A

Run On

This action runs on the following entities:

  • IP Address
  • MAC Address

Action Results

Entity Enrichment

N/A

Insights

N/A

Script Result
Script Result Name Value Options Example
success True/False success:False
JSON Result
N/A

Get Device Locations

Description

Get the locations of a device.

Parameters

N/A

Use cases

N/A

Run On

This action runs on the following entities:

  • IP Address
  • MAC Address

Action Results

Entity Enrichment

N/A

Insights

N/A

Script Result
Script Result Name Value Options Example
success True/False success:False
JSON Result
N/A

Get Installed Applications

Description

Get a list of all of the installed applications on a device.

Parameters

N/A

Use cases

N/A

Run On

This action runs on the following entities:

  • IP Address
  • MAC Address

Action Results

Entity Enrichment

N/A

Insights

N/A

Script Result
Script Result Name Value Options Example
success True/False success:False
JSON Result
N/A

Get Open Ports

Description

Get a list of all open ports on a device.

Parameters

N/A

Use cases

N/A

Run On

This action runs on the following entities:

  • IP Address
  • MAC Address

Action Results

Entity Enrichment

N/A

Insights

N/A

Script Result
Script Result Name Value Options Example
success True/False success:False
JSON Result
N/A

Get Services

Description

Get a list of all of the services on a device.

Parameters

N/A

Use cases

N/A

Run On

This action runs on the following entities:

  • IP Address
  • MAC Address

Action Results

Entity Enrichment

N/A

Insights

N/A

Script Result
Script Result Name Value Options Example
success True/False success:False
JSON Result
N/A

Get User History

Description

Get the user authentication history of a device.

Parameters

N/A

Use cases

N/A

Run On

This action runs on the following entities:

  • IP Address
  • MAC Address

Action Results

Entity Enrichment

N/A

Insights

N/A

Script Result
Script Result Name Value Options Example
success True/False success:False
JSON Result
N/A

Ping

Description

Test Connectivity.

Parameters

N/A

Use cases

N/A

Run On

This action runs on all entities.

Action Results

Entity Enrichment

N/A

Insights

N/A

Script Result
Script Result Name Value Options Example
is_success True/False is_success:True/False
JSON Result
N/A

Revalidate Device

Description

Revalidate the device policy over Portnox NAC.

Parameters

Parameters Type Default Value Description
DeviceId String N/A The device to revalidate ID.

Use cases

N/A

Run On

This action runs on all entities.

Action Results

Entity Enrichment

N/A

Insights

N/A

Script Result
Script Result Name Value Options Example
is_valid True/False is_valid:False
JSON Result
N/A

Revalidate Device by Address

Description

Revalidate a device by the IP address or by MAC address.

Parameters

N/A

Use cases

N/A

Run On

This action runs on the following entities:

  • IP Address
  • MAC Address

Action Results

Entity Enrichment

N/A

Insights

N/A

Script Result
Script Result Name Value Options Example
success True/False success:False
JSON Result
N/A