Tip
This article was accurate at the time of writing, but changes happen. If you find the instructions are outdated, leave a description in the comment field below and let us know!
Step 1: Enable console access
This procedure creates a user account for Expel that keeps the Expel activity separate from other activity on the Trellix HX console.
-
Navigate to Admin > Appliance Settings.
-
Click User Accounts on the left.
-
For Username add Expel.
-
Ensure the Role is set to Admin.
-
Type a Password.
-
Step 2: Generate API credentials
This procedure creates an authentication token that allows the Expel Assembler to access the Trellix HX API.
-
Go to the User Accounts section.
-
For Username add expelapi.
-
Make sure the Role is set to API Admin.
-
Type a Password.
Step 3: Configure the technology in Workbench
-
In a new browser tab, log into https://workbench.expel.io.
-
On the console page, navigate to Settings and click Security Devices.
-
At the top of the page, click Add Security Device.
-
Search for and select Trellix HX.
-
Select an Assembler from the list with network connectivity to the Trellix HX device. Select the assembler you set up in Getting connected to Expel Workbench.
-
For Name type the host name of the Trellix HX device.
-
For Location type the geographic location of the appliance.
-
For Server address type the Trellix HX device IP and communications port in the following format:
https://<serverip>:3000
. Find the Device IP in the Trellix HX console > Admin > Appliance Settings > Network. -
For API Password and API Username type the API Admin credentials previously created in the Trellix HX console in Step 2.
-
In the optional Console Login section, for Username and Password, type the Admin credentials created in the Trellix HX console in Step 1.
-
Related terms
FireEye, FireEye HX, Fire Eye
Comments
0 comments
Please sign in to leave a comment.