Forescout eyeExtend for Microsoft Sentinel
Solution: ForescoutHostPropertyMonitor
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊
| Attribute | Value |
|---|---|
| Publisher | Forescout Technologies |
| Support Tier | Partner |
| Support Link | https://www.forescout.com/support |
| Categories | domains |
| Version | 3.0.0 |
| Author | Julian Wang - julian.wang@forescout.com |
| First Published | 2022-06-28 |
| Solution Folder | ForescoutHostPropertyMonitor |
| Marketplace | Azure Marketplace · Popularity: ⚪ Very Low (0%) |
Forescout Host Property Monitor offers host property analysis, incident generation and action dispatching for hosts managed by Forescout Continuum platform.
Contents
Data Connectors
This solution provides 1 data connector(s):
🔶 CLv1: This connector ingests into a table that uses the legacy Custom Log V1 schema format with type-suffixed column names (e.g.
_s,_d,_b,_t,_g). Note: identification is based on column name suffixes which are also permitted in CLv2, so this classification may not always be accurate.
Tables Used
This solution uses 3 table(s):
| Table | Used By Connectors | Used By Content |
|---|---|---|
ForescoutComplianceStatus_CL |
Forescout Host Property Monitor | Workbooks |
ForescoutHostProperties_CL 🔶 |
Forescout Host Property Monitor | Analytics, Workbooks |
ForescoutPolicyStatus_CL |
Forescout Host Property Monitor | Workbooks |
🔶 CLv1: This table uses the legacy Custom Log V1 schema format with type-suffixed column names (e.g.
_s,_d,_b,_t,_g). Note: identification is based on column name suffixes which are also permitted in CLv2, so this classification may not always be accurate.
Content Items
This solution includes 3 content item(s):
| Content Type | Count |
|---|---|
| Analytic Rules | 1 |
| Workbooks | 1 |
| Playbooks | 1 |
Analytic Rules
| Name | Severity | Tactics | Tables Used |
|---|---|---|---|
| Forescout-DNS_Sniff_Event_Monitor | Medium | - | ForescoutHostProperties_CL |
Workbooks
| Name | Tables Used |
|---|---|
| ForescoutHostPropertyMonitorWorkbook | ForescoutComplianceStatus_CLForescoutHostProperties_CLForescoutPolicyStatus_CL |
Playbooks
| Name | Description | Tables Used |
|---|---|---|
| Forescout-DNS_Sniff_Event_Playbook | This playbook will update incident with action to perform on endpoint | - |
Release Notes
| Version | Date Modified (DD-MM-YYYY) | Change History |
|---|---|---|
| 3.0.0 | 18-02-2025 | Added new Workbook Forescout Host Property Monitor Workbook. Changes to Analytic Rules and Playbook corresponding to Customer table changes replaced HTTP Data Collector API with Log Ingestion API. |
| 2.0.1 | 26-05-2022 | Updated Support details from Microsoft to Forescout. |
| 2.0.0 | 05-11-2023 | Initial Solution Release. |
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊