TrustwaveFusion
Trustwave Fusion Pack.#
This Integration is part of theThe Trustwave Fusion platform connects your organization’s digital footprint to a robust security cloud comprised of the Trustwave data lake, advanced analytics, actionable threat intelligence and a wide range of Trustwave services including Trustwave SpiderLabs , elite team of security specialists. Your team will benefit from deep visibility and the advanced security expertise necessary for protecting assets and eradicating threats as they arise.
This integration was integrated and tested with version 1.0.68 of TrustwaveFusion
#
Configure TrustwaveFusion in CortexParameter | Description | Required |
---|---|---|
Fusion API URL | True | |
API Key | The API Key to use for connection | True |
Trust any certificate (not secure) | False | |
Use system proxy settings | False | |
Fetch incidents | False | |
Incident type | False | |
Maximum number of incidents per fetch | False | |
First fetch time | Format: [number] [time unit]. e.g., 12 hours, 7 days, 2 seconds etc. | False |
Ticket Types | Types of tickets to fetch | False |
#
CommandsYou can execute these commands from the CLI, as part of an automation, or in a playbook. After you successfully execute a command, a DBot message appears in the War Room with the command details.
#
trustwave-get-ticketGet a single ticket
#
Base Commandtrustwave-get-ticket
#
InputArgument Name | Description | Required |
---|---|---|
id | Ticket ID. | Required |
#
Context OutputPath | Type | Description |
---|---|---|
Trustwave.Ticket.number | String | The Ticket ID |
Trustwave.Ticket.subject | String | The ticket title. |
Trustwave.Ticket.status | String | The status of the ticket |
Trustwave.Ticket.description | String | The detailed ticket description. |
Trustwave.Ticket.category | String | Ticket category |
Trustwave.Ticket.createdBy | String | User that created the ticket. |
Trustwave.Ticket.createdOn | Date | The ticket creation time. |
Trustwave.Ticket.customerName | String | The name of the customer. |
Trustwave.Ticket.findings.classification | String | Category for finding related to the ticket. |
Trustwave.Ticket.findings.classificationCode | String | Category code for finding related to the ticket. |
Trustwave.Ticket.findings.findingId | String | Id finding related to the ticket. |
Trustwave.Ticket.formatted_notes | String | Human readable Notes for the ticket. |
Trustwave.Ticket.impact | String | Ticket impact (HIGH, MEDIUM, LOW) |
Trustwave.Ticket.notes.actor | String | User that added the note (comment) |
Trustwave.Ticket.notes.text | String | The note (comment) text. |
Trustwave.Ticket.notes.timestamp | Date | Time when the note (comment) was created. |
Trustwave.Ticket.priority | String | Ticket priority (CRITICAL, HIGH, MEDIUM, LOW) |
Trustwave.Ticket.subCategory | String | Ticket sub-category. |
Trustwave.Ticket.type | String | The ticket type (CASE, INCIDENT, CHANGE) |
Trustwave.Ticket.updatedOn | Date | When the ticket was last updated. |
Trustwave.Ticket.urgency | String | The ticket urgency (HIGH, MEDIUM, LOW) |
#
Command example!trustwave-get-ticket id="INA1976568"
#
Context Example#
Human Readable Output
field value assetIds category Threat Detection & Response createdBy dummyuser createdOn 2021-12-08T17:16:27.000+00:00 customerName Sample Customer description Ticket description. findings {'classification': None, 'classificationCode': 'UnauthorizedAccessOrIntrusionAttempt.', 'findingId': '765432:THREAT:@AXv0k6GhG2zTcaogE1vG'} impact HIGH notes {'actor': 'dummyuser', 'text': 'Note A', 'timestamp': '2021-12-08T17:16:27.000+00:00'},
{'actor': 'dummyuser', 'text': 'Note B', 'timestamp': '2021-12-08T17:17:57.000+00:00'},
{'actor': 'dummy_u....[Truncated]number INA1976568 priority HIGH status ON_HOLD subCategory Threat Operations subject Test incident #354 type INCIDENT updatedOn 2021-12-09T16:43:48.000+00:00 urgency MEDIUM formatted_notes 2021-12-08T17:16:27.000+00:00 Created by: dummyuser
NOTE:
Note A
----------------
2021-12-08T17:17:57.000+00:00 Created by: dummyuser
NOTE:
Note B
----------------
2021-12-09T1....[Truncated]
#
trustwave-search-ticketsSearch tickets
#
Base Commandtrustwave-search-tickets
#
InputArgument Name | Description | Required |
---|---|---|
id | Ticket ID. | Optional |
subject | Ticket Subject. | Optional |
type | Ticket type to query. Possible values are: INCIDENT, CASE, CHANGE. | Optional |
status | Ticket status. Possible values are: NEW, OPEN, IN_PROGRESS, AWAITING_INFO, ON_HOLD, RESOLVED, CLOSED, CANCELED, SCHEDULED. | Optional |
priority | Ticket priority. Possible values are: CRITICAL, HIGH, MEDIUM, LOW. | Optional |
impact | Ticket impact. Possible values are: HIGH, MEDIUM, LOW. | Optional |
urgency | Ticket urgency. Possible values are: HIGH, MEDIUM, LOW. | Optional |
#
Context OutputPath | Type | Description |
---|---|---|
Trustwave.Ticket.number | String | The Ticket ID |
Trustwave.Ticket.subject | String | The ticket title. |
Trustwave.Ticket.status | String | The status of the ticket |
Trustwave.Ticket.description | String | The detailed ticket description. |
Trustwave.Ticket.category | String | Ticket category. |
Trustwave.Ticket.createdBy | String | User that created the ticket. |
Trustwave.Ticket.createdOn | Date | The time when the ticket was created. |
Trustwave.Ticket.customerName | String | The name of the customer. |
Trustwave.Ticket.formatted_notes | String | Human readable notes. |
Trustwave.Ticket.impact | String | Ticket impact (HIGH, MEDIUM, LOW) |
Trustwave.Ticket.notes.actor | String | User that added the note (comment) |
Trustwave.Ticket.notes.text | String | The note (comment) text. |
Trustwave.Ticket.notes.timestamp | Date | Time when the note (comment) was created. |
Trustwave.Ticket.priority | String | Ticket priority (CRITICAL, HIGH, MEDIUM, LOW) |
Trustwave.Ticket.subCategory | String | Ticket sub-category. |
Trustwave.Ticket.type | String | The ticket type (CASE, INCIDENT, CHANGE) |
Trustwave.Ticket.updatedOn | Date | When the ticket was last updated. |
Trustwave.Ticket.urgency | String | The ticket urgency (HIGH, MEDIUM, LOW) |
#
Command example!trustwave-search-tickets limit=2 type=INCIDENT
#
Context Example#
Human Readable Output#
Results
assetIds category createdBy createdOn customerName description findings formatted_notes impact notes number priority status subCategory subject type updatedOn urgency 765432:managed-device#DEVICE:AW8Qp1Bextjwd2cF57Mk Technology Management cpe_outage_service 2021-11-29T10:56:45.000+00:00 Sample Customer 2021-11-29T10:56:44.000+00:00 Created by: cpe_outage_service
NOTE:
NOTE AHIGH {'actor': 'cpe_outage_service', 'text': 'NOTE A', 'timestamp': '2021-11-29T10:56:44.000+00:00'} INA1077007 HIGH CLOSED Cellular Backup Alert: device is using cellular INCIDENT 2021-12-29T00:00:08.000+00:00 MEDIUM Threat Detection & Response dummyuser 2021-12-08T17:16:27.000+00:00 Sample Customer Ticket description {'classification': None, 'classificationCode': 'UnauthorizedAccessOrIntrusionAttempt.', 'findingId': '765432:THREAT:@AXv0k6GhG2zTcaogE1vG'} 2021-12-08T17:16:27.000+00:00 Created by: dummyuser
NOTE:
Sample Note.
----------------
2021-12-08T17:17:57.000+00:00 Created by: dummyuser
NOTE:
Sample note #2.
----------------
2021-12-09T16:43:31.000+00:00 Created by: dummy_user
NOTE:
Sample note #3HIGH {'actor': 'dummyuser', 'text': 'Sample Note.', 'timestamp': '2021-12-08T17:16:27.000+00:00'},
{'actor': 'dummyuser', 'text': 'Sample note #2.', 'timestamp': '2021-12-08T17:17:57.000+00:00'},
{'actor': 'dummy_user', 'text': 'Sample note #3', 'timestamp': '2021-12-09T16:43:31.000+00:00'}INA1077535 HIGH ON_HOLD Threat Operations MCAS - Impossible travel activity INCIDENT 2021-12-09T16:43:48.000+00:00 MEDIUM
#
trustwave-add-ticket-commentAdd a comment to a ticket
#
Base Commandtrustwave-add-ticket-comment
#
InputArgument Name | Description | Required |
---|---|---|
id | Incident ID. | Required |
comment | Comment text. | Required |
#
Context OutputThere is no context output for this command.
#
Command example!trustwave-add-ticket-comment id=INA1051028 comment="test from xsoar"
#
Human Readable OutputSuccess
#
trustwave-close-ticketClose a ticket
#
Base Commandtrustwave-close-ticket
#
InputArgument Name | Description | Required |
---|---|---|
id | Incident ID. | Required |
comment | Comment text. | Required |
#
Context OutputThere is no context output for this command.
#
Command example!trustwave-close-ticket id="INA1051028" comment="Comment"
#
Human Readable OutputSuccess
#
trustwave-get-updated-ticketsGet updated tickets.
#
Base Commandtrustwave-get-updated-tickets
#
InputArgument Name | Description | Required |
---|---|---|
since | Absolute or relative date to check for updates. | Required |
fetch_limit | Maximum number of tickets to fetch. Default is 100. | Optional |
ticket_types | Ticket type to query. Possible values are: INCIDENT, CASE, CHANGE. Default is INCIDENT. | Optional |
#
Context OutputPath | Type | Description |
---|---|---|
Trustwave.Ticket.number | String | The Ticket ID |
Trustwave.Ticket.subject | String | The ticket title. |
Trustwave.Ticket.status | String | The status of the ticket |
Trustwave.Ticket.description | String | The detailed ticket description. |
Trustwave.Ticket.category | String | Ticket category. |
Trustwave.Ticket.createdBy | String | User that created the ticket. |
Trustwave.Ticket.createdOn | Date | The time when the ticket was created. |
Trustwave.Ticket.customerName | String | The name of the customer. |
Trustwave.Ticket.formatted_notes | String | Human readable notes. |
Trustwave.Ticket.impact | String | Ticket impact (HIGH, MEDIUM, LOW) |
Trustwave.Ticket.notes.actor | String | User that added the note (comment) |
Trustwave.Ticket.notes.text | String | The note (comment) text. |
Trustwave.Ticket.notes.timestamp | Date | Time when the note (comment) was created. |
Trustwave.Ticket.priority | String | Ticket priority (CRITICAL, HIGH, MEDIUM, LOW) |
Trustwave.Ticket.subCategory | String | Ticket sub-category. |
Trustwave.Ticket.type | String | The ticket type (CASE, INCIDENT, CHANGE) |
Trustwave.Ticket.updatedOn | Date | When the ticket was last updated. |
Trustwave.Ticket.urgency | String | The ticket urgency (HIGH, MEDIUM, LOW) |
#
Command example!trustwave-get-updated-tickets fetch_limit=2 since=2021-12-09T16:43:48.000+00:00
#
Context Example#
Human Readable Output#
Results
assetIds category createdBy createdOn customerName description findings formatted_notes impact notes number priority status subCategory subject type updatedOn urgency 765432:managed-device#DEVICE:AW8Qp1Bextjwd2cF57Mk Technology Management cpe_outage_service 2021-11-29T10:56:45.000+00:00 Sample Customer 2021-11-29T10:56:44.000+00:00 Created by: cpe_outage_service
NOTE:
NOTE AHIGH {'actor': 'cpe_outage_service', 'text': 'NOTE A', 'timestamp': '2021-11-29T10:56:44.000+00:00'} INA1077007 HIGH CLOSED Cellular Backup Alert: device is using cellular INCIDENT 2021-12-29T00:00:08.000+00:00 MEDIUM Threat Detection & Response dummyuser 2021-12-08T17:16:27.000+00:00 Sample Customer Ticket description {'classification': None, 'classificationCode': 'UnauthorizedAccessOrIntrusionAttempt.', 'findingId': '765432:THREAT:@AXv0k6GhG2zTcaogE1vG'} 2021-12-08T17:16:27.000+00:00 Created by: dummyuser
NOTE:
Sample Note.
----------------
2021-12-08T17:17:57.000+00:00 Created by: dummyuser
NOTE:
Sample note #2.
----------------
2021-12-09T16:43:31.000+00:00 Created by: dummy_user
NOTE:
Sample note #3HIGH {'actor': 'dummyuser', 'text': 'Sample Note.', 'timestamp': '2021-12-08T17:16:27.000+00:00'},
{'actor': 'dummyuser', 'text': 'Sample note #2.', 'timestamp': '2021-12-08T17:17:57.000+00:00'},
{'actor': 'dummy_user', 'text': 'Sample note #3', 'timestamp': '2021-12-09T16:43:31.000+00:00'}INA1077535 HIGH ON_HOLD Threat Operations MCAS - Impossible travel activity INCIDENT 2021-12-09T16:43:48.000+00:00 MEDIUM
#
trustwave-search-findingsSearch for Findings
#
Base Commandtrustwave-search-findings
#
InputArgument Name | Description | Required |
---|---|---|
id | Finding ID. | Optional |
limit | Maximum number of Findings to return. Default is 100. | Optional |
name | Name of the Finding. | Optional |
classification | Finding Classification. | Optional |
summary | Finding summary. | Optional |
detail | Finding detail. | Optional |
priority | Finding priority. Possible values are: CRITICAL, HIGH, MEDIUM, LOW. | Optional |
severity | Finding severity. | Optional |
created_since | created_since. | Optional |
updated_since | Updated since. | Optional |
#
Context OutputPath | Type | Description |
---|---|---|
Trustwave.Finding.classification | String | Category for the finding |
Trustwave.Finding.createdOn | Date | Time when the finding was created. |
Trustwave.Finding.customerName | String | Customer name for the finding. |
Trustwave.Finding.destination | String | Destination for finding. |
Trustwave.Finding.detail | String | Detailed description of the finding. |
Trustwave.Finding.id | String | The finding ID |
Trustwave.Finding.priority | Number | The priority of the finding. |
Trustwave.Finding.severity | Number | The severity of the finding. |
Trustwave.Finding.source | String | SOAR actions taken for finding. |
Trustwave.Finding.status.description | String | Current status of the Finding. |
Trustwave.Finding.summary | String | The name of the finding. |
Trustwave.Finding.type | String | The type of finding (e.g. THREAT, VULNERABILITY) |
Trustwave.Finding.updatedOn | Date | Time when the finding was last updated. |
#
Command example!trustwave-search-findings limit="2" summary="MS Graph Alert Detection Rule" type=threat updatedSince=2021-12-08T17:17:56.000+00:00
#
Context Example#
Human Readable Output#
Results
classification createdOn customerName destination detail id priority severity source status summary type updatedOn 2021-09-17T16:26:11.731+00:00 Sample Customer MCAS - Impossible travel activity 765432:THREAT:@AXv0k6GhG2zTcaogE1vG 4 4 description: Security Incident MS Graph Alert Detection Rule THREAT 2021-12-08T17:17:56.504+00:00 2021-10-26T22:33:17.567+00:00 Sample Customer ASC, MSTIC - Windows registry persistence method detected pqa VM_RegistryPersistencyKey 765432:THREAT:@AXy-u5fVt3G3ZYM6G5cH 2 2 description: False Positive MS Graph Alert Detection Rule THREAT 2021-12-16T17:21:31.384+00:00
#
trustwave-get-findingGet a Finding
#
Base Commandtrustwave-get-finding
#
InputArgument Name | Description | Required |
---|---|---|
id | Finding ID. | Required |
#
Context OutputPath | Type | Description |
---|---|---|
Trustwave.Finding.analystNotes.actor | String | User that created the analyst note. |
Trustwave.Finding.analystNotes.text | String | Analyst note text. |
Trustwave.Finding.analystNotes.timestamp | Date | Time when the note was created |
Trustwave.Finding.assetsIds | String | Assets impacted by the finding |
Trustwave.Finding.classification | String | Category for the finding |
Trustwave.Finding.createdOn | Date | Time when the finding was created. |
Trustwave.Finding.customerName | String | Customer name for the finding. |
Trustwave.Finding.destination | String | Destination for finding. |
Trustwave.Finding.detail | String | Detailed description of the finding. |
Trustwave.Finding.eventsIds | String | List of event ID associated with the finding. |
Trustwave.Finding.id | String | The finding ID |
Trustwave.Finding.parentId | String | The ID of the parent of the finding. |
Trustwave.Finding.priority | Number | The priority of the finding. |
Trustwave.Finding.severity | Number | The severity of the finding. |
Trustwave.Finding.source | String | Source for finding |
Trustwave.Finding.status.description | String | Current status of the Finding. |
Trustwave.Finding.summary | String | The name of the finding. |
Trustwave.Finding.type | String | The type of finding (e.g. THREAT, VULNERABILITY) |
Trustwave.Finding.updatedOn | Date | Time when the finding was last updated. |
#
Command example!trustwave-get-finding id="765432:THREAT:@AXv0k6GhG2zTcaogE1vG"
#
Context Example#
Human Readable Output#
Results
analystNotes assetsIds childFindingIds classification createdOn customerName destination detail eventsIds id parentId priority severity source status summary type updatedOn {'actor': 'dummyuser', 'text': 'Note A', 'timestamp': '2021-12-08T17:17:56.790+00:00'} 765432:PERSON:AXsNy0R8CfYgZQumlNdv 2021-09-17T16:26:11.731+00:00 Sample Customer MCAS - Impossible travel activity 34c0e1b2-96e6-4a25-be3d-80d0671a5d8f 765432:THREAT:@AXv0k6GhG2zTcaogE1vG 4 4 description: Security Incident MS Graph Alert Detection Rule THREAT 2021-12-08T17:17:56.504+00:00
#
trustwave-get-assetGet an Asset
#
Base Commandtrustwave-get-asset
#
InputArgument Name | Description | Required |
---|---|---|
id | Asset ID. | Required |
#
Context OutputPath | Type | Description |
---|---|---|
Trustwave.Asset.cidr | String | Network address in CIDR notation. |
Trustwave.Asset.createdOn | Date | Time when the asset was created. |
Trustwave.Asset.customerName | String | The customer name for the asset. |
Trustwave.Asset.id | String | The asset ID. |
Trustwave.Asset.ips | String | List of IP addresses for the asset. |
Trustwave.Asset.lastActivity | Date | Time of the last activity associated with the asset. |
Trustwave.Asset.name | String | The name of the asset. |
Trustwave.Asset.networkInterfaces.gateway | String | Gateway address for the asset network interface. |
Trustwave.Asset.networkInterfaces.hostnames | String | List of hostname for the asset network interface |
Trustwave.Asset.networkInterfaces.ip | String | IP address for the asset network interface |
Trustwave.Asset.networkInterfaces.macAddress | String | MAC address for the asset network interface |
Trustwave.Asset.networkInterfaces.macVendor | String | Vendor associated with the MAC address for the asset network interface |
Trustwave.Asset.networkInterfaces.subnet | String | Network subnet the asset network interface |
Trustwave.Asset.os | String | Asset operating system. |
Trustwave.Asset.services.applicationName | String | Service name. |
Trustwave.Asset.services.applicationProtocol | String | Service protocol. |
Trustwave.Asset.services.port | Number | Service port |
Trustwave.Asset.services.transportProtocol | String | Service transport. |
Trustwave.Asset.status | String | Asset status. |
Trustwave.Asset.type | String | The type of asset. |
Trustwave.Asset.updatedOn | Date | Time when the asset was last updated. |
Trustwave.Asset.uri | String | URI of the asset. |
#
Command example!trustwave-get-asset id="765432:DNA#DEVICE:AW2X-hCmXdgvNlcDpVGf"
#
Context Example#
Human Readable Output#
Results
cidr createdOn customerName id ips lastActivity name networkInterfaces notes os services status tags type updatedOn uri 2019-10-04T18:13:30.941+00:00 Sample Customer 765432:DNA#DEVICE:AW2X-hCmXdgvNlcDpVGf 10.103.201.47 host.example.com {'gateway': None, 'hostnames': ['host.example.com'], 'ip': '10.103.201.47', 'macAddress': None, 'macVendor': None, 'subnet': None} {'applicationName': None, 'applicationProtocol': None, 'port': 80, 'transportProtocol': 'tcp'},
{'applicationName': None, 'applicationProtocol': 'sunrpcportmap', 'port': 111, 'transportProtocol': 'tcp'},
{'applicationName': None, 'applicationProtocol': 'sunrpcportmap', 'port': 111, 'transportProtocol': 'udp'},
{'applicationName': None, 'applicationProtocol': 'ntp', 'port': 123, 'transportProtocol': 'udp'},
{'applicationName': None, 'applicationProtocol': 'snmp', 'port': 161, 'transportProtocol': 'udp'},
{'applicationName': None, 'applicationProtocol': None, 'port': 443, 'transportProtocol': 'tcp'},
{'applicationName': None, 'applicationProtocol': 'mysql', 'port': 3306, 'transportProtocol': 'tcp'},
{'applicationName': None, 'applicationProtocol': None, 'port': 5672, 'transportProtocol': 'tcp'},
{'applicationName': None, 'applicationProtocol': 'snmp', 'port': 16161, 'transportProtocol': 'udp'}Device 2019-10-04T19:09:59.907+00:00
#
trustwave-search-assetsSearch for Assets
#
Base Commandtrustwave-search-assets
#
InputArgument Name | Description | Required |
---|---|---|
id | Asset ID. | Optional |
limit | Maximum number of Assets to return. Default is 100. | Optional |
name | Name of the Asset. | Optional |
os | OS for the Asset. | Optional |
tags | Asset Tags to search for. | Optional |
port | port. | Optional |
app_protocol | Application Protocol. | Optional |
transport | Transport Protocol. | Optional |
type | Asset Type. | Optional |
created_since | created_since. | Optional |
updated_since | Updated since. | Optional |
#
Context OutputPath | Type | Description |
---|---|---|
Trustwave.Asset.cidr | String | Network address in CIDR notation. |
Trustwave.Asset.createdOn | Date | Time when the asset was created. |
Trustwave.Asset.customerName | String | The customer name for the asset. |
Trustwave.Asset.id | String | The asset ID. |
Trustwave.Asset.ips | String | List of IP addresses for the asset. |
Trustwave.Asset.lastActivity | Date | Time of the last activity associated with the asset. |
Trustwave.Asset.name | String | The name of the asset. |
Trustwave.Asset.networkInterfaces.gateway | String | Gateway address for the asset network interface. |
Trustwave.Asset.networkInterfaces.hostnames | String | List of hostname for the asset network interface |
Trustwave.Asset.networkInterfaces.ip | String | IP address for the asset network interface |
Trustwave.Asset.networkInterfaces.macAddress | String | MAC address for the asset network interface |
Trustwave.Asset.networkInterfaces.macVendor | String | Vendor associated with the MAC address for the asset network interface |
Trustwave.Asset.networkInterfaces.subnet | String | Network subnet the asset network interface |
Trustwave.Asset.os | String | Asset operating system. |
Trustwave.Asset.status | String | Asset status. |
Trustwave.Asset.type | String | The type of asset. |
Trustwave.Asset.updatedOn | Date | Time when the asset was last updated. |
Trustwave.Asset.uri | String | URI of the asset. |
#
Command example!trustwave-search-assets limit=2 type="DEVICE" name="host.example.com"
#
Context Example#
Human Readable Output#
Results
cidr createdOn customerName id ips lastActivity name networkInterfaces notes os services status tags type updatedOn uri 2019-10-04T18:13:30.941+00:00 Sample Customer 765432:DNA#DEVICE:AW2X-hCmXdgvNlcDpVGf 10.103.201.47 host.example.com {'gateway': None, 'hostnames': ['host.example.com'], 'ip': '10.103.201.47', 'macAddress': None, 'macVendor': None, 'subnet': None} {'applicationName': None, 'applicationProtocol': None, 'port': 80, 'transportProtocol': 'tcp'},
{'applicationName': None, 'applicationProtocol': 'sunrpcportmap', 'port': 111, 'transportProtocol': 'tcp'},
{'applicationName': None, 'applicationProtocol': 'sunrpcportmap', 'port': 111, 'transportProtocol': 'udp'},
{'applicationName': None, 'applicationProtocol': 'ntp', 'port': 123, 'transportProtocol': 'udp'},
{'applicationName': None, 'applicationProtocol': 'snmp', 'port': 161, 'transportProtocol': 'udp'},
{'applicationName': None, 'applicationProtocol': None, 'port': 443, 'transportProtocol': 'tcp'},
{'applicationName': None, 'applicationProtocol': 'mysql', 'port': 3306, 'transportProtocol': 'tcp'},
{'applicationName': None, 'applicationProtocol': None, 'port': 5672, 'transportProtocol': 'tcp'},
{'applicationName': None, 'applicationProtocol': 'snmp', 'port': 16161, 'transportProtocol': 'udp'}Device 2019-10-04T19:09:59.907+00:00