fireeye-ex-trace-files
Fetch trace files from FireEye EX devices
fireeye-ex-trace-files [profile=PROFILE] guid=GUID
- profile=PROFILE
- FireEye EX profile
- guid=GUID
- EX Alert UUID
Output Fields
Field | Type | Name | Description |
---|---|---|---|
profile | String | Profile | FireEye EX connect profile name |
file_name | String | File name | Email attachment name |
trace_type | String | Trace type | e.g. malware_malicious, replay_pcap |
trace_file_name | String | Trace file name | e.g. GUID.malware, GUID.pnva.pcap |
trace_file_size | Long | Trace file size | |
md5 | String | MD5 | MD5 hash of attachment file |
sha256 | String | SHA256 | SHA256 hash of attachment file |