Symantec Management Center

Symantec Management Center provides a unified management environment for the Symantec Security Platform portfolio of products. Management Center brings Symantec’s network, security, and cloud technologies to you under a single umbrella making it easier to deploy, manage, and monitor your security environment.

In Demisto, the integration with Symantec MC allows viewing and managing devices and policies.
The integration was integrated and tested with version 2.2.1.1 of Symantec Management Center.

Use Cases

  1. View information about devices in Symantec MC
  2. View, create, update and delete policies in Symantec MC
  3. Manage shared IP/category/URL lists in Symantec MC

Configure Symantec Management Center on Demisto

In order to access the API, user credentials for Symantec Management Center are required.

  1. Navigate to Settings > Integrations > Servers & Services .
  2. Search for Symantec Management Center.
  3. Click Add instance to create and configure a new integration instance.
    • Name : a textual name for the integration instance.
    • Server URL (e.g.: https://192.168.0.1:8082)
    • Credentials
    • Trust any certificate (not secure)
    • Use system proxy settings
  4. Click Test to validate the URLs, token, and connection.

Commands

You can execute these commands from the Demisto CLI, as part of an automation, or in a playbook. After you successfully execute a command, a DBot message appears in the War Room with the command details.

1. Get a list of all devices


Lists all devices in Symantec MC.

Base Command

symantec-mc-list-devices

Input
Argument Name Description Required
build Filter the query filter parameter by the OS build number, for example: “GT 227900”. Optional
description Filter the query filter parameter by description, for example: “CONTAINS” desc". Optional
model Filter the query filter parameter by model, for example: “EQ VSWG-SE”. Optional
name Filter the query filter parameter by name, for example: “STARTSWITH CAS”. Optional
os_version Filter the query filter parameter by OS version, for example: “LT 2.3”. Optional
platform Filter the query filter parameter by platform, for example: “CONTAINS CAS”. Optional
type Filter the query filter parameter by device type, for example: “cas”. Optional
limit Maximum number of results to return. Optional

Context Output
Path Type Description
SymantecMC.Device.UUID String Device UUID.
SymantecMC.Device.Name String Device name.
SymantecMC.Device.LastChanged Date Device last changed date.
SymantecMC.Device.Type String Device type.
SymantecMC.Device.Host String Device host address.

Command Example
symantec-mc-list-devices name="CONTAINS Blue Coat"
Context Example
{
    "SymantecMC.Device": [
        {
            "Host": "192.168.1.207", 
            "UUID": "C131C3D1-171B-4DA7-ADE2-AA736EA91540", 
            "Type": "sgos6x", 
            "Name": "192.168.1.207 - Blue Coat SG-VA Series", 
            "LastChanged": "2019-04-08T11:27:32"
        }
    ]
}
Human Readable Output

Symantec Management Center Devices

UUID Name Last Changed Host Type
C131C3D1-171B-4DA7-ADE2-AA736EA91540 192.168.1.207 - Blue Coat SG-VA Series 2019-04-08T11:27:32 192.168.1.207 sgos6x

2. Get device information


Gets device information from Symantec MC.

Base Command

symantec-mc-get-device

Input
Argument Name Description Required
uuid Device UUID. Run the symantec-mc-list-devices command to get the UUID. Required

Context Output
Path Type Description
SymantecMC.Device.UUID String Device UUID.
SymantecMC.Device.Name String Device name.
SymantecMC.Device.LastChanged String Device last changed date.
SymantecMC.Device.LastChangedBy String User that last changed the device.
SymantecMC.Device.Description String Device description.
SymantecMC.Device.Model String Device model.
SymantecMC.Device…Platform String Device platform
SymantecMC.Device.Type String Device type.
SymantecMC.Device.OSVersion String Device OS version.
SymantecMC.Device.Build Number Device build number.
SymantecMC.Device.SerialNumber Number Device serial number.
SymantecMC.Device.Host String Device host address.
SymantecMC.Device.ManagementStatus String Device management status.
SymantecMC.Device.DeploymentStatus String Device deployment status.

Command Example
symantec-mc-get-device uuid="C131C3D1-171B-4DA7-ADE2-AA736EA91540"
Context Example
{
    "SymantecMC.Device": {
        "SerialNumber": "0806315479", 
        "Name": "192.168.1.207 - Blue Coat SG-VA Series", 
        "LastChangedBy": "admin", 
        "LastChanged": "2019-04-08T11:27:32", 
        "DeploymentStatus": "DEPLOYED", 
        "ManagementStatus": "FULLY_MANAGED", 
        "Platform": "Blue Coat SG-VA Series", 
        "Host": "192.168.1.207", 
        "Build": "226712", 
        "Model": "VSWG-SE", 
        "OSVersion": "SGOS 6.7.4.1 SWG Edition", 
        "Type": "sgos6x", 
        "UUID": "C131C3D1-171B-4DA7-ADE2-AA736EA91540"
    }
}
Human Readable Output

Symantec Management Center Device

UUID Name Last Changed Last Changed By Model Platform Host Type OS Version Build Serial Number Management Status Deployment Status
C131C3D1-171B-4DA7-ADE2-AA736EA91540 192.168.1.207 - Blue Coat SG-VA Series 2019-04-08T11:27:32 admin VSWG-SE Blue Coat SG-VA Series 192.168.1.207 sgos6x SGOS 6.7.4.1 SWG Edition 226712 0806315479 FULLY_MANAGED DEPLOYED

3. Get device health information


Gets health information for a device.

Base Command

symantec-mc-get-device-health

Input
Argument Name Description Required
uuid Device UUID. Run the symantec-mc-list-devices command to get the UUID. Required

Context Output
Path Type Description
SymantecMC.Device.UUID String Device UUID.
SymantecMC.Device.Name String Device name.
SymantecMC.Device.Health.Category String Device health category.
SymantecMC.Device.Health.Name String Device health name.
SymantecMC.Device.Health.State String Device health state.
SymantecMC.Device.Health.Message String Device health message.
SymantecMC.Device.Health.Status String Device health status.

Command Example
symantec-mc-get-device-health uuid="C131C3D1-171B-4DA7-ADE2-AA736EA91540"
Context Example
{
    "SymantecMC.Device": {
        "Health": [
            {
                "Category": "DNS Server", 
                "Status": "UP", 
                "Message": "Successes: 23374", 
                "Name": "dns.8.8.8.8", 
                "State": "OK"
            }, 
            {
                "Category": "External Services", 
                "Status": "UP", 
                "Message": "Successes: 796", 
                "Name": "drtr.rating_service", 
                "State": "OK"
            }
        ], 
        "Name": "192.168.1.207 - Blue Coat SG-VA Series", 
        "UUID": "C131C3D1-171B-4DA7-ADE2-AA736EA91540"
    }
}
Human Readable Output

Symantec Management Center Device

UUID Name
C131C3D1-171B-4DA7-ADE2-AA736EA91540 192.168.1.207 - Blue Coat SG-VA Series

Device Health

Category Name State Message Status
DNS Server dns.8.8.8.8 OK Successes: 23374 UP
External Services drtr.rating_service OK Successes: 796 UP

4. Get license information for a device


Gets license information for a device in Symantec MC

Base Command

symantec-mc-get-device-license

Input
Argument Name Description Required
uuid Device UUID. Run the symantec-mc-list-devices command to get the UUID. Required

Context Output
Path Type Description
SymantecMC.Device.UUID String Device UUID.
SymantecMC.Device.Name String Device name.
SymantecMC.Device.Type String Device type.
SymantecMC.Device.LicenseStatus String Device license status.
SymantecMC.Device.LicenseComponent.Name String Device license component name.
SymantecMC.Device.LicenseComponent.ActivationDate Date Device license component activation date.
SymantecMC.Device.LicenseComponent.ExpirationDate Date Device license component expiration date
SymantecMC.Device.LicenseComponent.Validity String Device license component validity.

Command Example
symantec-mc-get-device-license uuid="C131C3D1-171B-4DA7-ADE2-AA736EA91540"
Context Example
{
    "SymantecMC.Device": {
        "LicenseComponent": [
            {
                "ActivationDate": "2019-03-25T00:00:00", 
                "ExpirationDate": "2019-09-24T00:00:00", 
                "Validity": "VALID", 
                "Name": "SGOS 6 SWG Edition"
            }, 
            {
                "ActivationDate": "2019-03-25T00:00:00", 
                "ExpirationDate": "2019-09-24T00:00:00", 
                "Validity": "VALID", 
                "Name": "Windows Media Streaming"
            }, 
            {
                "ActivationDate": "2019-03-25T00:00:00", 
                "ExpirationDate": "2019-09-24T00:00:00", 
                "Validity": "VALID", 
                "Name": "Real Media Streaming"
            }, 
            {
                "ActivationDate": "2019-03-25T00:00:00", 
                "ExpirationDate": "2019-09-24T00:00:00", 
                "Validity": "VALID", 
                "Name": "QuickTime Streaming"
            }, 
            {
                "ActivationDate": "2019-03-25T00:00:00", 
                "ExpirationDate": "2019-09-24T00:00:00", 
                "Validity": "VALID", 
                "Name": "SSL"
            }, 
            {
                "ActivationDate": "2019-03-25T00:00:00", 
                "ExpirationDate": "2019-09-24T00:00:00", 
                "Validity": "VALID", 
                "Name": "Bandwidth Management"
            }, 
            {
                "ActivationDate": "2019-03-25T00:00:00", 
                "ExpirationDate": "2019-09-24T00:00:00", 
                "Validity": "VALID", 
                "Name": "ProxyClient - Acceleration"
            }, 
            {
                "ActivationDate": "2019-03-25T00:00:00", 
                "ExpirationDate": "2019-09-24T00:00:00", 
                "Validity": "VALID", 
                "Name": "ProxyClient - Web Filtering"
            }, 
            {
                "ActivationDate": "2019-03-25T00:00:00", 
                "ExpirationDate": "2019-09-24T00:00:00", 
                "Validity": "VALID", 
                "Name": "3rd Party Onbox Content Filtering"
            }, 
            {
                "ActivationDate": "2019-03-25T00:00:00", 
                "ExpirationDate": "2019-09-24T00:00:00", 
                "Validity": "VALID", 
                "Name": "ICAP Services"
            }, 
            {
                "ActivationDate": "2019-03-25T00:00:00", 
                "ExpirationDate": "2019-09-24T00:00:00", 
                "Validity": "VALID", 
                "Name": "AOL Instant Messaging"
            }, 
            {
                "ActivationDate": "2019-03-25T00:00:00", 
                "ExpirationDate": "2019-09-24T00:00:00", 
                "Validity": "VALID", 
                "Name": "MSN Instant Messaging"
            }, 
            {
                "ActivationDate": "2019-03-25T00:00:00", 
                "ExpirationDate": "2019-09-24T00:00:00", 
                "Validity": "VALID", 
                "Name": "Yahoo Instant Messaging"
            }, 
            {
                "ActivationDate": "2019-03-25T00:00:00", 
                "ExpirationDate": "2019-09-24T00:00:00", 
                "Validity": "VALID", 
                "Name": "Netegrity SiteMinder"
            }, 
            {
                "ActivationDate": "2019-03-25T00:00:00", 
                "ExpirationDate": "2019-09-24T00:00:00", 
                "Validity": "VALID", 
                "Name": "Oracle COREid"
            }, 
            {
                "ActivationDate": "2019-03-25T00:00:00", 
                "ExpirationDate": "2019-09-24T00:00:00", 
                "Validity": "VALID", 
                "Name": "Peer-To-Peer"
            }, 
            {
                "ActivationDate": "2019-03-25T00:00:00", 
                "ExpirationDate": "2019-09-24T00:00:00", 
                "Validity": "VALID", 
                "Name": "Compression"
            }, 
            {
                "ActivationDate": "2019-03-25T00:00:00", 
                "ExpirationDate": "2019-09-24T00:00:00", 
                "Validity": "VALID", 
                "Name": "Flash Streaming"
            }, 
            {
                "ActivationDate": "2019-03-25T00:00:00", 
                "ExpirationDate": "2019-09-24T00:00:00", 
                "Validity": "VALID", 
                "Name": "Encrypted Tap"
            }, 
            {
                "ActivationDate": "2019-04-25T00:00:00", 
                "ExpirationDate": "2019-09-24T00:00:00", 
                "Validity": "VALID", 
                "Name": "Authentication"
            }
        ], 
        "Type": "sgos6x", 
        "Name": "192.168.1.207 - Blue Coat SG-VA Series", 
        "UUID": "C131C3D1-171B-4DA7-ADE2-AA736EA91540"
    }
}
Human Readable Output

Symantec Management Center Device

UUID Name Type
C131C3D1-171B-4DA7-ADE2-AA736EA91540 192.168.1.207 - Blue Coat SG-VA Series sgos6x

License Components

Name Activation Date Expiration Date Validity
SGOS 6 SWG Edition 2019-03-25T00:00:00 2019-09-24T00:00:00 VALID
Windows Media Streaming 2019-03-25T00:00:00 2019-09-24T00:00:00 VALID
Real Media Streaming 2019-03-25T00:00:00 2019-09-24T00:00:00 VALID
QuickTime Streaming 2019-03-25T00:00:00 2019-09-24T00:00:00 VALID
SSL 2019-03-25T00:00:00 2019-09-24T00:00:00 VALID
Bandwidth Management 2019-03-25T00:00:00 2019-09-24T00:00:00 VALID
ProxyClient - Acceleration 2019-03-25T00:00:00 2019-09-24T00:00:00 VALID
ProxyClient - Web Filtering 2019-03-25T00:00:00 2019-09-24T00:00:00 VALID
3rd Party Onbox Content Filtering 2019-03-25T00:00:00 2019-09-24T00:00:00 VALID
ICAP Services 2019-03-25T00:00:00 2019-09-24T00:00:00 VALID
AOL Instant Messaging 2019-03-25T00:00:00 2019-09-24T00:00:00 VALID
MSN Instant Messaging 2019-03-25T00:00:00 2019-09-24T00:00:00 VALID
Yahoo Instant Messaging 2019-03-25T00:00:00 2019-09-24T00:00:00 VALID
Netegrity SiteMinder 2019-03-25T00:00:00 2019-09-24T00:00:00 VALID
Oracle COREid 2019-03-25T00:00:00 2019-09-24T00:00:00 VALID
Peer-To-Peer 2019-03-25T00:00:00 2019-09-24T00:00:00 VALID
Compression 2019-03-25T00:00:00 2019-09-24T00:00:00 VALID
Flash Streaming 2019-03-25T00:00:00 2019-09-24T00:00:00 VALID
Encrypted Tap 2019-03-25T00:00:00 2019-09-24T00:00:00 VALID
Authentication 2019-04-25T00:00:00 2019-09-24T00:00:00 VALID

5. Get the status of a device


Gets the status of a device.

Base Command

symantec-mc-get-device-status

Input
Argument Name Description Required
uuid Device UUID. Run the symantec-mc-list-devices command to get the UUID. Required

Context Output
Path Type Description
SymantecMC.Device.UUID String Device UUID.
SymantecMC.Device.Name String Device name.
SymantecMC.Device.CheckDate Date Device check date.
SymantecMC.Device.StartDate Date Device start date.
SymantecMC.Device.MonitorState String Device monitor state.
SymantecMC.Device.Warnings Number Device warning count.
SymantecMC.Device.Errors Number Device error count.

Command Example
symantec-mc-get-device-status uuid="C131C3D1-171B-4DA7-ADE2-AA736EA91540"
Context Example
{
    "SymantecMC.Device": {
        "StartDate": "2019-03-25T12:37:42", 
        "Errors": 0, 
        "Name": "192.168.1.207 - Blue Coat SG-VA Series", 
        "Warnings": 0, 
        "MonitorState": "MONITORED", 
        "CheckDate": "2019-04-28T13:05:40", 
        "UUID": "C131C3D1-171B-4DA7-ADE2-AA736EA91540"
    }
}
Human Readable Output

Symantec Management Center Device Status

UUID Name Check Date Start Date Monitor State Warnings Errors
C131C3D1-171B-4DA7-ADE2-AA736EA91540 192.168.1.207 - Blue Coat SG-VA Series 2019-04-28T13:05:40 2019-03-25T12:37:42 MONITORED 0 0

6. Get a list of policies


List policies in Symantec MC.

Base Command

symantec-mc-list-policies

Input
Argument Name Description Required
content_type Filter the query filter parameter by content type of policy, e.g., “ENDSWITH URL” Optional
description Filter the query filter parameter by description, for example: “CONTAINS desc.” Optional
name Filter the query filter parameter by name, for example: “STARTSWITH my_list”. Optional
reference_id Filter the query filter parameter by referenceId, for example: “EQ my_list”. Optional
shared Parameter to filter, based on whether the policy is shared or not shared. Optional
tenant Filter the query filter parameter by tenant, e.g., “EQ TENANT_EXTERNAL_ID” Optional
limit Limit the number of results returned Optional

Context Output
Path Type Description
SymantecMC.Policy.UUID String Policy UUID.
SymantecMC.Policy.Name String Policy name.
SymantecMC.Policy.ContentType String Policy content type.
SymantecMC.Policy.Author String Policy author.
SymantecMC.Policy.Shared Boolean Policy shared.
SymantecMC.Policy.ReferenceID String Policy reference ID
SymantecMC.Policy.Tenant String Policy tenant.
SymantecMC.ReplaceVariables Boolean Policy replace variables.

Command Example
symantec-mc-list-policies content_type="EQ IP_LIST"
Context Example
{
    "SymantecMC.Policy": [
        {
            "ReferenceID": "test_ip_list", 
            "ContentType": "IP_LIST", 
            "Name": "test_ip_list", 
            "Author": "admin", 
            "ReplaceVariables": true, 
            "Shared": true, 
            "UUID": "0D264052-9628-4872-8C07-E04A8B95F602"
        }, 
        {
            "ReferenceID": "test_policy_ip", 
            "ContentType": "IP_LIST", 
            "Name": "test_policy_ip", 
            "Author": "admin", 
            "ReplaceVariables": false, 
            "Shared": true, 
            "Tenant": "1234", 
            "UUID": "AF193330-49D0-413B-8365-6C4A5FD7A780"
        }
    ]
}
Human Readable Output

Symantec Management Center Policies

UUID Name Content Type Author Shared Reference ID Tenant Replace Variables
0D264052-9628-4872-8C07-E04A8B95F602 test_ip_list IP_LIST admin true test_ip_list true
AF193330-49D0-413B-8365-6C4A5FD7A780 test_policy_ip IP_LIST admin true test_policy_ip 1234 false

7. Get policy information


Gets information for a policy.

Base Command

symantec-mc-get-policy

Input
Argument Name Description Required
uuid Device UUID. Run the symantec-mc-list-devices command to get the UUID. Optional
name The policy name Optional

Context Output
Path Type Description
SymantecMC.Policy.Name String Policy name.
SymantecMC.Policy.SchemaVersion Number Policy content schema version.
SymantecMC.Policy.RevisionInfo.Number Number Policy content revision number.
SymantecMC.Policy.RevisionInfo.Description String Policy content revision description.
SymantecMC.Policy.RevisionInfo.Author String Policy content revision author.
SymantecMC.Policy.RevisionInfo.Date Date Policy content revision date.
SymantecMC.Policy.IP.Address String Policy IP address.
SymantecMC.Policy.IP.Description String Policy IP description.
SymantecMC.Policy.IP.Enabled Boolean Policy IP enabled.
SymantecMC.Policy.URL.Address String Policy URL address.
SymantecMC.Policy.URL.Description String Policy URL description.
SymantecMC.Policy.URL.Enabled Boolean Policy URL enabled.
SymantecMC.Policy.Category.Name String Policy category name.
SymantecMC.Policy.UUID String Policy UUID.
SymantecMC.Policy.Description String Policy Description.
SymantecMC.Policy.ReferenceID String Policy reference ID.

Command Example
symantec-mc-get-policy uuid="0D264052-9628-4872-8C07-E04A8B95F602"
Context Example
{
    "SymantecMC.Policy": {
        "ReferenceID": "test_ip_list", 
        "ContentType": "IP_LIST", 
        "Description": "New description", 
        "IP": [
            {
                "Enabled": false, 
                "Description": "what?", 
                "Address": "1.2.3.4"
            }, 
            {
                "Enabled": false, 
                "Description": "Test IPs", 
                "Address": "8.8.8.8"
            }, 
            {
                "Enabled": false, 
                "Description": "Test IPs", 
                "Address": "8.8.8.8"
            }, 
            {
                "Enabled": false, 
                "Description": "Test IPs", 
                "Address": "8.8.8.8"
            }
        ], 
        "RevisionInfo": {
            "Date": "2019-04-28T13:03:46", 
            "Number": "1.13", 
            "Description": "test", 
            "Author": "admin"
        }, 
        "UUID": "0D264052-9628-4872-8C07-E04A8B95F602", 
        "SchemaVersion": "1.0", 
        "Name": "test_ip_list"
    }
}
Human Readable Output

Symantec Management Center Policy

UUID Name Schema Version Reference ID Description Content Type
0D264052-9628-4872-8C07-E04A8B95F602 test_ip_list 1.0 test_ip_list New description IP_LIST

Revision Information

Number Description Author Date
1.13 test admin 2019-04-28T13:03:46

IP List

Address Description Enabled
1.2.3.4 what? false
8.8.8.8 Test IPs false
8.8.8.8 Test IPs false
8.8.8.8 Test IPs false

8. Create a policy


Creates a policy in Symantec MC.

Base Command

symantec-mc-create-policy

Input
Argument Name Description Required
name Policy name. Required
content_type Policy content type. Required
description Policy description. Optional
reference_id Policy reference ID. Optional
tenant UUID of the tenant associated with this policy. Run the symantec-mc-list-tenants command to get the tenant UUID. Optional
shared Share policy Optional
replace_variables Replace variables supported Optional

Context Output
Path Type Description
SymantecMC.Policy.UUID String Policy UUID.
SymantecMC.Policy.Name String Policy name.
SymantecMC.Policy.ContentType String Policy content type.
SymantecMC.Policy.Author String Policy author.

Command Example
symantec-mc-create-policy name="test_ip_policy" content_type="IP_LIST" description="This is a test" tenant="EDAD4D73-95E7-4C11-84EB-D0C73D28D50A" shared="true"
Context Example
{
    "SymantecMC.Policy": {
        "UUID": "AFD91FAE-27C7-461A-86BB-317805ED8DCC", 
        "ContentType": "IP_LIST", 
        "Name": "test_ip_policy", 
        "Author": "admin"
    }
}
Human Readable Output

Policy created successfully

UUID Name Content Type Author
AFD91FAE-27C7-461A-86BB-317805ED8DCC test_ip_policy IP_LIST admin

9. Update a policy


Updates the metadata for a policy in Symantec MC.

Base Command

symantec-mc-update-policy

Input
Argument Name Description Required
uuid Policy UUID. Run the symantec-mc-list-policies command to get the UUID. Required
name New name of the policy. Optional
description New description of the policy. Optional
reference_id New reference ID of the policy. Optional
replace_variables Replace variables in the policy. Optional

Context Output
Path Type Description
SymantecMC.Policy.UUID String Policy UUID.
SymantecMC.Policy.Name String Policy name.

Command Example
symantec-mc-update-policy uuid="0D264052-9628-4872-8C07-E04A8B95F602" description="New description"
Context Example
{
    "SymantecMC.Policy": {
        "UUID": "0D264052-9628-4872-8C07-E04A8B95F602", 
        "ContentType": "IP_LIST", 
        "Name": "test_ip_list", 
        "Author": "admin"
    }
}
Human Readable Output

Policy updated successfully

UUID Name Content Type Author
0D264052-9628-4872-8C07-E04A8B95F602 test_ip_list IP_LIST admin

10. Delete a policy


Deletes a policy in Symantec MC.

Base Command

symantec-mc-delete-policy

Input
Argument Name Description Required
uuid Policy UUID. Run the symantec-mc-list-policies command to get the UUID. Required
force Set to “true” to force the policy object to be removed even if it is referenced by another policy. Optional

Context Output

There is no context output for this command.

Command Example
symantec-mc-delete-policy uuid="DCF96A1D-1D42-493A-B377-84E682D91BF1"
Context Example

No context

Human Readable Output

Policy deleted successfully

11. Get a list of tenants


List tenants in Symantec MC.

Base Command

symantec-mc-list-tenants

Input
Argument Name Description Required
limit Maximum number of results to return. Optional

Context Output
Path Type Description
SymantecMC.Tenant.UUID String Tenant UUID.
SymantecMC.Tenant.Name String Tenant name.
SymantecMC.Tenant.ExternalID String Tenant external ID.
SymantecMC.Tenant.Description String Tenant description.
SymantecMC.Tenant.System Boolean Whether the system is a tenant.

Command Example
symantec-mc-list-tenants
Context Example
{
    "SymantecMC.Tenant": [
        {
            "System": true, 
            "UUID": "54D4CDA9-293E-4861-B56F-0E50E5799F7A", 
            "ExternalID": "default", 
            "Description": "The tenant whose policy is used when no tenant-specific policy object is available.", 
            "Name": "Default"
        }, 
        {
            "UUID": "EDAD4D73-95E7-4C11-84EB-D0C73D28D50A", 
            "ExternalID": "1234", 
            "Name": "Tenant", 
            "System": false
        }
    ]
}
Human Readable Output

Symantec Management Center Tenants

UUID Name External ID Description System
54D4CDA9-293E-4861-B56F-0E50E5799F7A Default default The tenant whose policy is used when no tenant-specific policy object is available. true
EDAD4D73-95E7-4C11-84EB-D0C73D28D50A Tenant 1234 false

12. Add content to a policy


Adds content to a policy in Symantec MC. Can be IPs, URLs, or category names.

Base Command

symantec-mc-add-policy-content

Input
Argument Name Description Required
uuid Policy UUID. Run the symantec-mc-list-policies command to get the UUID. Optional
name The policy name to add content to. Optional
content_type Policy content type Required
change_description Description of the policy change. Required
schema_version The version of the schema for this content. This value will correspond to the format of the content. Run the symantec-mc-get-policy command to get the schema vesion. Optional
ip CSV list of IP addresses to add, for example: “1.2.3.4, 8.8.8.8”. Optional
url CSV list of URLs to add, for example: “www.google.com, www.github.com”. Optional
category CSV list of category names to add, for example: “Job Search/Careers, Content Servers”. Optional
enabled Relevant for URL and IP. Optional
description Content description. Optional

Context Output

There is no context output for this command.

Command Example
symantec-mc-add-policy-content uuid="0D264052-9628-4872-8C07-E04A8B95F602" content_type="IP_LIST" change_description="test" ip="2.2.2.2,4.4.4.4,8.8.8.8" description="Test IPs"
Context Example

No context output

Human Readable Output

Successfully added content to the policy

13. Delete policy content


Deletes content from a policy in Symantec MC.

Base Command

symantec-mc-delete-policy-content

Input
Argument Name Description Required
uuid Policy UUID. Run the symantec-mc-list-policies command to get the UUID. Optional
name The policy name to add content to. Optional
content_type Policy content type. Required
change_description Description of the policy change. Required
schema_version The version of the schema for this content. This value will correspond to the format of the content. Run the symantec-mc-get-policy command to get the schema version. Optional
ip CSV list of IP addresses to delete, for example: “1.2.3.4, 8.8.8.8”. Optional
url CSV list of URLs to delete, for example: “www.google.com, www.github.com”. Optional
category CSV list of category names to delete, for example: “Job Search/Careers, Content Servers”. Optional

Context Output

There is no context output for this command.

Command Example
symantec-mc-delete-policy-content uuid="0D264052-9628-4872-8C07-E04A8B95F602" content_type="IP_LIST" change_description="test" ip="2.2.2.2,4.4.4.4"
Context Example

No context output

Human Readable Output

Successfully deleted content from the policy

Additional Information

For additional details regarding Query Filter Syntax see the Symantec Management Center API documentation .

Currently the integrations supports managing content for shared objects of types:

  • URL List
  • IP List
  • Category List

The API does not support running requests in parallel. An error will be thrown.

Troubleshooting

You may encounter the following errors while running Symantec MC commands:

HTTP 404 Not Found - The requested resource was not found. You can try to list the existing resources and search again.

HTTP 400 Bad Request - An incorrect request was sent to Symantec MC. Verify that you are sending the arguments correctly.

HTTP 500 Internal Server Error - Error in Symantec MC. Could occur if requests are made in parallel.

If you encounter any issues, contact us at support@demisto.com .