McAfee ePolicy Orchestrator (ePO)
App Vendor: McAfee
App Category: Endpoint
Connector Version: 2.0.0
API Version: 1.0.0
About App
McAfee ePolicy Orchestrator (ePO) is a security management software that centralizes and streamlines the management of endpoint, network, data security, and compliance solutions. The McAfee ePolicy Orchestrator (ePO) app enables security teams to integrate with the McAfee ePolicy Orchestrator (ePO) enterprise application to manage endpoint, network, data security, and compliance solutions.
The McAfee ePolicy Orchestrator (ePO) app is configured with the Orchestrate application to perform the following actions:
Action Name | Description |
|---|---|
Get Help | This action retrieves the list of all the available endpoints. |
Apply Tag | This action applies tags to a system. |
Clear Tag | This action clears tags from systems. |
Get System Information | This action retrieves system information such as name, IP address, OS, and so on. |
Get Table | This action retrieves the list of all the tables. |
List Group IDs | This action retrieves the list of all the group IDs of all sub-trees in an organization. |
Move EPO System | This action moves systems in the organization sub-tree. This action is also used to quarantine a system. |
Query Table | This action queries tables. |
Wake up Agent | This action wakes up systems on which the client is installed. |
List Databases | This action retrieves the list of all available databases. |
List Queries | This action retrieves the list of all the queries which the user has permission to view. |
Search Policies | This action searches policies with the given query. |
Search Repository | This action searches repositories with the given query. |
Search System | This action searches systems in a system tree. |
Export Permission Set | This action exports all permission sets. |
Add User Permission | This action adds permission set to a user. |
Deploy Agent | This action deploys agents to a list of systems. |
End Task | This action ends a running task. |
Run Server Task | This action runs a server task. |
Configuration Parameters
The following configuration parameters are required for the McAfee ePolicy Orchestrator (ePO) app to communicate with the McAfee ePolicy Orchestrator (ePO) enterprise application. The parameters can be configured by creating instances in the app.
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Base URL | Enter the base URL for the McAfee EPO application. Example: "https://mcepo.domain.tld:443" | Text | Required | |
Username | Enter the username to authenticate with the McAfee EPO application. Example: "SampleUser" | Text | Required | |
Password | Enter the password to authenticate with the McAfee EPO application. Example: "SamplePassword" | Password | Required | |
Verify | Enter the optional preference to verify the status of the SSL certificate. Example: $JSON[Yes] | Boolean | Optional | Allowed values:
Default value: No |
Action: Get Help
This action retrieves the list of all the available endpoints.
Action Input Parameters
This action does not require any input parameter.
Action: Apply Tag
This action applies tags to a system.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Names | Enter the name of the system. Example: "Sample System" | Text | Required | |
Tag Name | Enter the tag name. Example: "Sample Tag" | Text | Required |
Example Request
[
{
"names": "Sample System",
"tagname": "Sample Tag"
}
]Action: Clear Tag
This action clears tags from systems.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Name | Enter the name of the system. Example: "Sample System" | Text | Required | |
Tag Name | Enter the tag name to clear from the system. Example: "Sample Tag" | Text | Required |
Example Request
[
{
"names": "Sample System",
"tagname": "Sample Tag"
}
]Action: Get System Information
This action retrieves system information such as name, IP address, OS, and so on.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Group ID | Enter the group ID to retrieve the associate system information. Example: "34" | Text | Required | You can retrieve group IDs using the List group IDs action. |
Example Request
[
{
"groupid": "34"
}
]Action: Get table
This action retrieves the list of all the tables.
Action Input Parameters
This action does not require any input parameter.
Action: List Group IDs
This action retrieves the list of all the group IDs of all sub-trees in an organization.
Action Input Parameters
This action does not require any input parameter.
Action: Move EPO System
This action moves systems in the organization sub-tree. This action is also used to quarantine a system.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Names | Enter the system name to move or quarantine. Example: "26A-DESKTOP" | Text | Required | |
Parent Group ID | Enter the group ID. Example: "54" | Text | Required |
Example Request
[
{
"names": "26A-DESKTOP",
"parentgroupid": "54"
}
]Action: Query Table
This action queries tables.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Query ID | Enter the query ID to retrieve query tables. Example: "23" | Text | Required | You can retrieve query ID using the List Queries action. |
Example Request
[
{
"query_id": "23"
}
]Action: Wake up Agent
This action wakes up systems on which the client is installed.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Name | Enter the name of the system. Example: "Sample System Name" | Text | Required |
Example Request
[
{
"names": "Sample System Name"
}
]Action: List Databases
This action retrieves the list of all available databases.
Action Input Parameters
This action does not require any input parameter
Action: List Queries
This action retrieves the list of all the queries which the user has permission to view.
Action Input Parameters
This action does not require any input parameter.
Action: Search Policies
This action searches policies with the given query.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Query | Enter the query to search. Example: "quarantine" | Text | Required |
Example Request
[
{
"query": "quarantine"
}
]Action: Search Repository
This action searches repositories with the given query.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Query | Enter the query to search the repository. Example: "quarantine" | Text | Required |
Example Request
[
{
"query": "quarantine"
}
]Action: Search System
This action searches systems in a system tree.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Query | Enter the query to search for a system. Example: "Sample System" | Text | Required |
Example Request
[
{
"query": "Sample System"
}
]Action: Export Permission Set
This action exports all permission sets.
Action Input Parameters
This action does not require any input parameter.
Action: Add User Permission
This action adds a permission set to a user.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Username | Enter the username to add a permission set. Example: "Sample Username" | Text | Required | |
Permission Set Name | Enter the permission to set as a list. $LIST[Global Reviewer, Analyst] | List | Required |
Example Request
[
{
"user_name":"Sample Username",
"permission_set_name":[
"Global Reviewer",
"Analyst"
]
}
]Action: Deploy Agent
This action deploys agents to a list of systems.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Name | Enter the name of the system. Example: "Sample Name" | Text | Required | |
Username | Enter the username for the agent installation. Example: "SampleUsername" | Text | Required | |
Password | Enter the password of the agent installation. Example: "SamplePassword" | Password | Required |
Example Request
[
{
"name": "Sample Name",
"user_name": "SampleUsername",
"password": "SamplePassword"
}
]Action: End Task
This action ends a running task.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Task Log ID | Enter the task log ID. Example: "46" | Text | Required |
Example Request
[
{
"task_log_id": "46"
}
]Action: Run Server Task
This action runs a server task.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Task Name | Enter the task name. to run the server task. Example: "New Server Task" | Text | Required |
Example Request
[
{
"task_name": "New Server Task"
}
]