FireeyeAX
Closed this issue · 1 comments
phfireeyeax 1.0
The app this issue relates to.
FireEye portal app integration
Describe the bug
When attempting to detonate a URL or FILE from the actions in phantom it errors using the fireeyeax app. the profile that Phantom tries to pass across are as below:
"profile": {
"description": "Select the Malware Analysis profile to use for analysis",
"data_type": "string",
"required": true,
"value_list": [
"win7-sp1",
"winxp-sp3",
"win7x64-sp1",
"win10x64"
When logging into the FireEye Portal and manually attempting the file and URL detonation the profiles differ in the fact that they all now have an m at the end of the profile name.
for example win7-sp1m
To Reproduce
Steps to reproduce the behavior:
- Go to 'actions'
- Click on 'apps'
- Click on the 'fireeyeAX app'
- Scroll down to 'profiles'
- ddetoante url
- See error
Expected behavior
A clear and concise description of what you expected to happen.
the screen shot:
on the left with the black background we have the fireEye Portal on the right we have the fireeyeax.json file parameters
Screenshots
If applicable, add screenshots to help explain your problem.
Phantom Version (please complete the following information):
- OVA, Unprivileged Install, or RPM?
- If not OVA, OS Version?
- Hypervisor (if applicable)?
- App Version?
Additional context
Add any other context about the problem here.
Hello!
This issue has been copied to splunk-soar-connectors/fireeyeax#1 in our new GitHub org. Please track the new issue going forward.