Endpoint Enrichment - Generic

Deprecated

DEPRECATED. Use "Endpoint Enrichment - Generic v2.1" playbook instead. Enriches an Endpoint hostname using one or more integrations.

Dependencies

This playbook uses the following sub-playbooks, integrations, and scripts.

Sub-playbooks

  • CrowdStrike Endpoint Enrichment

Integrations

  • carbonblack
  • SentinelOne
  • Cylance Protect

Scripts

  • Exists
  • ADGetComputer
  • EPOFindSystem

Commands

  • so-agents-query
  • cb-sensor-info
  • cylance-protect-get-devices

Playbook Inputs


NameDescriptionDefault ValueRequired
HostnameThe hostname to enrich.${Endpoint.Hostname}Optional

Playbook Outputs


PathDescriptionType
EndpointThe Endpoint's object.unknown
Endpoint.HostnameThe hostname to enrich.string
Endpoint.OSThe Endpoint OS.string
Endpoint.IPThe list of Endpoint IP addresses.unknown
Endpoint.MACThe list of Endpoint MAC addresses.unknown
Endpoint.DomainThe Endpoint domain name.string

Playbook Image


Endpoint_Enrichment_Generic