Contact sales
Details

This workflow appears in the pivot menu and allows a user to isolate an endpoint in Trend Vision One.

Description

This workflow appears in the pivot menu and allows a user to isolate an endpoint in Trend Vision One. Supported observables: hostname, IP address, MAC address, Trend Vision One Agent ID

Target: Trend Vision One - v3.0

Steps:

  • Determine which observable type was provided:
    • If a Trend Agent ID, set the local ID variable
    • If a hostname, IP address, or MAC address, search for the endpoint and set the local ID variable (if an endpoint isn't found, end the workflow)
  • Request the endpoint be isolated
Required targets

This workflow requires the following targets to be available before it can be run.

Integration targets

  • Trend Vision One
About
Author
Cisco
Version
v1.1
Intent
Pivot Menu
Integration
Average rating
No ratings yet
Authorship
Cisco Managed
Contact and support information
https://support.cisco.com
External links

Content Licensing

Developer Community

Related workflows
Logo for Trend Vision One
Trend Vision One - Add IOC to Suspicious Object List
Cisco Managed
This workflow appears in the pivot menu and allows a user to add an IOC to the suspicious object list in Trend Vision One.
Pivot Menu
Learn more
Logo for Trend Vision One
Trend Vision One - Isolate Endpoint
Cisco Managed
This workflow appears in the pivot menu and allows a user to isolate an endpoint in Trend Vision One.
Pivot Menu
Learn more
Logo for Trend Vision One
Trend Vision One - Remove Endpoint from Isolation
Cisco Managed
This workflow appears in the pivot menu and allows a user to remove an endpoint from isolation in Trend Vision One.
Pivot Menu
Learn more
Logo for Trend Vision One
Trend Vision One - Remove IOC from Suspicious Object List
Cisco Managed
This workflow appears in the pivot menu and allows a user to remove an IOC from the suspicious object list in Trend Vision One.
Pivot Menu
Learn more