dohurd

Member Since: Jun 06, 2014

User Badges:
  • Cisco Employee,

English
dohurd commented on Cisco FireSIGHT Forwarder for HP Arcsight CEF in Sourcefire API 2 weeks ago

OK.  We may have a windows version later this summer. Not a promise but we're looking at it.

dohurd commented on Cisco FireSIGHT Forwarder for HP Arcsight CEF in Sourcefire API 2 weeks ago

I'm going to ask an expert to weigh in on this. I don't have dev skills to answer. I've attached...

dohurd commented on Cisco FireSIGHT Forwarder for HP Arcsight CEF in Sourcefire API 2 weeks ago

It is our plan to have a pretty solid beta available later in June.  We're about a month behind but...

dohurd commented on Splunk Estreamer App with FMC 6.2.0.1 in Sourcefire API 1 month ago

The eNcore version is failing?  Its not clear to me which version you mean. Could you email any...

dohurd commented on JDBC Database Integration With Splunk in Sourcefire API 1 month ago

Yes.  Please shoot me an email directly. [email protected] Just need a company name.  I'll mail...

dohurd commented on JDBC Database Integration With Splunk in Sourcefire API 1 month ago

The performance limitations you have experienced with eStreamer are very likely to do with the...

dohurd commented on Tenable Security Center to Sourcefire Firesight vulnerability connector in FireSIGHT System / 3D System 2 months ago

Christopher, let me at least end the finger-pointing stuff. You're correct that this is supposed to...

dohurd commented on Qualys connector openning SSL v2/v3 connections in Sourcefire API 3 months ago

This is a supported Host Input Connector.  You can open a TAC support case and get help directly...

dohurd commented on Get pcap data file via API in Sourcefire API 4 months ago

There two ways I know of to obtain the PCAP for a specific Snort (IDS/IPS) event. 1. Request...

dohurd commented on Cisco FireSIGHT Forwarder for HP Arcsight CEF in Sourcefire API 4 months ago

James, TAC is wrong.  The is not maintained officially by Cisco.  Anyone is free to make any...

dohurd commented on Nessus Connector for Host Input API, Firepower Version 6.x in Sourcefire API 7 months ago

No.  The connector for Tenable's Security Center' os different. You can download it here.  https://...

dohurd commented on FMC REST API 6.1 in Sourcefire API 7 months ago

I did get some more insight that may be helpful: When you retrieve the token, the domains uuids...

dohurd commented on FMC REST API 6.1 in Sourcefire API 7 months ago

I checked and its not in the 6.2 release.  I've asked about the following release. .. TBD

dohurd commented on Qualys Connector for Defense Center in Sourcefire API 8 months ago

It should work fine but we've not made many changes to it or the Host INput API that collects the...

dohurd commented on Firesight integration with ncircle vulnerability management in Sourcefire API 8 months ago

Cisco TAC will help to make sure the FMC;'s Host Input API is enabled and working correctly but the...

dohurd commented on Firesight integration with ncircle vulnerability management in Sourcefire API 8 months ago

You can.  The 'connector' that allows the IP360 vuln report data to be written into the FMC's Host...

dohurd commented on Tripwire IP360 Host Input API Connector in Sourcefire API 8 months ago

I'll send this to a few Cisco techs.  Might be able to make a suggestion to fix.

dohurd commented on Tenable Security Center to Sourcefire Firesight vulnerability connector in FireSIGHT System / 3D System 11 months ago

I'm assuming you're talking about the readme file in the .zip with the connector.  I do not have...

dohurd commented on Tenable Security Center to Sourcefire Firesight vulnerability connector in FireSIGHT System / 3D System 1 year ago

sorry if this is a dumb question but did you look at this connector?  https://supportforums.cisco....

dohurd commented on sourcefire port objects - import option? in Sourcefire API 1 year ago

FireSIGHT lacks a Read/Write for policy right now but this will change with version 6.1 scheduled...

dohurd commented on API to Patch Management in Sourcefire API 1 year ago

We have a number of integrations that allow 3rd party vulnerability reports to be imported via...

dohurd commented on I heard at the last Cisco Live that the Firesight Estreamer API was being updated to enable export in CEF (Common Event Format) in Sourcefire API 1 year ago

We developed a 'CEF Client' because Arcsight essentially stopped maintaining their 'Smart Connector...

dohurd commented on Cisco FireSIGHT Forwarder for HP Arcsight CEF in Sourcefire API 1 year ago

5.3.1 was the last version they tested.  Their Smart Connector should continue to work identically...

dohurd commented on No Module.Template Found Error when installing the Nessus Connector in FireSight 5.4 in Sourcefire API 2 years ago

Keith, looks like you're trying to load the connector onto the FireSIGHT Management Center.  That's...

dohurd commented on Rapid7 NeXpose Connect Version 1.6.2 for Sourcefire ver. 5.2.x in Sourcefire API 2 years ago

Did this ever get resolved?

dohurd commented on Qualys Connector in Sourcefire API 2 years ago

The Qualys Connector has a PID.  We sell it.  There is no enforceable license though.  

dohurd commented on SourceFire 5.3.1 ASA not applying Access Control policy in Sourcefire API 2 years ago

This isn't API related so I don't have the knowledge to hand.  You _should_ be able to get help...

dohurd commented on Solera Updated Patch Version 3.2 for SF 5.x Defense Center in Sourcefire API 2 years ago

5.1.1 was the shipping product last time the patch was tweaked. Try a 'Force Install' and it should...

dohurd commented on Guidance Encase Remediation Module in Sourcefire API 2 years ago

I think the download is an archive inside a zip.  Maybe you worked this out.  Not sure. Please make...

dohurd commented on Tenable Connector and Docs - V3.0 in Sourcefire API 2 years ago

the Host Input API only ingests the vulnerability listing reported by Tenable (Nessus) adds them...

dohurd commented on Unable To Apply 5.3.1.1-37 Update? in Sourcefire API 2 years ago

Good News!

dohurd commented on Unable To Apply 5.3.1.1-37 Update? in Sourcefire API 2 years ago

John, if you could send to me or attach the file:  /var/log/sf/...

dohurd commented on Latest version of the Sourcefire eStreamer for Splunk in Sourcefire API 2 years ago

On the second question, you cannot collect from two DCs with a single client.  You would need to...

dohurd commented on Latest version of the Sourcefire eStreamer for Splunk in Sourcefire API 2 years ago

Need to know _exactly_ which version of Splunk you're seeing this with.

dohurd commented on How o submit patches in Sourcefire API 2 years ago

Hi Matt and thanks.I can post it for you.  Please write up a few sentences or whatever you have...

dohurd commented on How many APIs on the Defense Center? in Sourcefire API 3 years ago

Four.eStreamer, Host Input, JDBC, Remediation 

Bio

User Badges:
  • Badge.
    Cisco Employee

dohurd's Stats

Points40
Discussion started 1
Answers marked as Correct 4
Endorsed 1
Content Rated 0