Skip to main content

ManageEngine

This Integration is part of the ManageEngine Pack.#

Supported versions

Supported Cortex XSOAR versions: 8.3.0 and later.

ManageEngine Endpoint Central is a Unified Endpoint Management solution that helps in managing thousands of servers, desktops, laptops and mobile devices from a single console. This integration serves as an Event Collector for Cortex XSIAM, enabling fetching AuditLogs from Endpoint Central.

Endpoint Central Cloud Domains#

Endpoint Central cloud is hosted at multiple data centers, and therefore available on different domains. There are several domains for Endpoint Central Cloud APIs, so you can use the one that is applicable to you.

Data CentreDomainEndpointCentral Server URI
United States.comhttps://endpointcentral.manageengine.com
Europe.euhttps://endpointcentral.manageengine.eu
India.inhttps://endpointcentral.manageengine.in
Australia.com.auhttps://endpointcentral.manageengine.com.au
China.cnhttps://endpointcentral.manageengine.cn
Japan.jphttps://endpointcentral.manageengine.jp
Canada.cahttps://endpointcentral.manageengine.ca

The APIs on this page are intended for organizations hosted on the .com domain. If your organization is on a different domain, replace “.com” with the appropriate domain for the API endpoints before using them.
Note: You can also find out which domain you’re accessing by checking the URL while logged in to Endpoint Central.

Setting Up the Instance#

Step 1: Generate Client ID and Client Secret#

  1. Register your application as a new client by accessing the developer console.
  2. Choose Self client as application type.
  3. After choosing the client type, provide the required details and click 'Create'. On successful registration, you will be provided with a set of OAuth 2.0 credentials such as Client_ID and Client_Secret that will be only known to Zoho and your application. (Do not share this credentials anywhere).

Step 2: Authorization by generating the grant token#

After generating Client_ID and Client_Secret, a grant code has to be generated. Self Client Method - For Self Client type.

  • After registration, click the Self Client method available on the Applications list.
  • Enter a valid scope: DesktopCentralCloud.Admin.READ

Click Create to generate Code.

Testing the configuration#

To test the configuration, run the !manage-engine-test command instead of using the Test button.

Configure ManageEngine in Cortex#

ParameterRequired
Server URLTrue
Client IDTrue
Client SecretTrue
CodeTrue
Trust any certificate (not secure)False
Use system proxy settingsFalse
Max number of audit events per fetchFalse
Fetch eventsFalse

Commands#

You can execute these commands from the CLI, as part of an automation, or in a playbook. After you successfully execute a command, a DBot message appears in the War Room with the command details.

manage-engine-test#


Tests connectivity of the server.

Base Command#

manage-engine-test

manage-engine-get-events#


Manual command to fetch events and display them.

Base Command#

manage-engine-get-events

Input#

Argument NameDescriptionRequired
should_push_eventsIf true, the command will create events. Otherwise, it will only display them. Used for debugging purposes.Required
limitMaximum number of results to return.Optional
start_dateDate from which to get events, For example '2018-11-06T08:56:41.000Z'.Optional
end_dateDate to which to get events , For example '2018-11-06T08:56:41.000Z'.Optional

Context Output#

There is no context output for this command.