Details

This workflow is triggered by an automation rule when an incident is created in Cisco XDR. When triggered, the workflow will identify assets in the incident and attempt to take a snapshot of each asset using Cohesity DataProtect.

Targets: Platform APIs, Cohesity DataProtect

Steps:

  • For each incident target:
    • Make sure the target is a host and fetch its details from XDR assets
    • Validate and convert the serial number (to a VMware UUID)
    • Search for matching protection objects in Cohesity
    • For each Cohesity object:
      • For each cluster the object belongs to:
        • Parse the protection jobs and see if they are viable for taking a snapshot (if they are, take a snapshot and continue to the next protection object)
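
The host check and serial-number conversion from the steps above, as an added example rather than the workflow's own code. It assumes the serial uses the `VMware-xx xx ...` layout that VMware guests report and that the UUID is those 16 bytes in order; the target field names and `plan_lookups` are hypothetical, and the Cohesity search is left out.

```python
import re
import uuid

# Assumed serial layout for a VMware guest: "VMware-" followed by two groups
# of eight space-separated hex bytes, joined by a hyphen.
_HALF = r"(?:[0-9a-fA-F]{2} ){7}[0-9a-fA-F]{2}"
_SERIAL_RE = re.compile(rf"VMware-({_HALF})-({_HALF})")


def serial_to_vmware_uuid(serial):
    """Return the canonical UUID for a VMware serial, or None if it is invalid."""
    if not isinstance(serial, str):
        return None
    match = _SERIAL_RE.fullmatch(serial.strip())
    if match is None:
        return None
    return str(uuid.UUID(hex=(match.group(1) + match.group(2)).replace(" ", "")))


def plan_lookups(targets):
    """Split targets into (name, uuid) lookups and (name, reason) skips."""
    lookups, skipped = [], []
    for target in targets:
        name = target.get("name", "<unnamed>")
        if target.get("type") != "host":
            skipped.append((name, "not a host"))
            continue
        vm_uuid = serial_to_vmware_uuid(target.get("serial_number"))
        if vm_uuid is None:
            skipped.append((name, "serial is not a VMware serial"))
            continue
        lookups.append((name, vm_uuid))
    return lookups, skipped


# Constructed sample targets; the field names are hypothetical.
SAMPLE_TARGETS = [
    {"type": "host", "name": "app-vm-01",
     "serial_number": "VMware-56 4d 8f 3a 1c 2b 4e 9d-a1 b2 c3 d4 e5 f6 07 18"},
    {"type": "host", "name": "laptop-17", "serial_number": "C02XK0ABCDEF"},
    {"type": "ip", "name": "203.0.113.10"},
    {"type": "host", "name": "db-vm-02",  # truncated serial: one byte short
     "serial_number": "VMware-56 4d 8f 3a 1c 2b 4e 9d-a1 b2 c3 d4 e5 f6 07"},
]

if __name__ == "__main__":
    print(plan_lookups(SAMPLE_TARGETS))
```

Recording a reason for every skipped target makes it visible which incident assets ended up without a snapshot attempt.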

Required targets

This workflow requires the following targets to be available before it can be run.

Integration targets

  • Cohesity DataProtect
  • Cisco XDR

About

Author: Cohesity
Version: v1.5
Authorship: Cisco Verified