Overview of FSO Plugins

In this installment of the Tips and Insights series, Mohammad Anwar gives a brief overview of the plugins for the FireEye Security Orchestrator product, including a description of what plugins are, how to install them, and configure them for use in FSO.

Hi, My name is Mohamed Anwar, and I’m a security integration engineer on the orchestration architecture team With Fire I today I’ll give you an overview of the plug ins for the Fire I security orchestrator product. I’ll go over what plug ins are, how to install them and configure them free for use in FSO. I will also show you how to upgrade a plug inversion once a new release comes out and how to uninstall the plug in as well plug ins or packages that are used in Fire I security orchestrator to enable connectivity to third party service is plug ins or a set of a P I commands with inputs and outputs defined by an engineer like myself to connect to the third party service and run their commands using the AP, I commands in the plug in. In order to install a plug in, we need to first get the Tar file located on the target machine. Let’s assume that that has already happened. So let’s go ahead and S S h into the box and we can see that the plug in development is already enabled so we can go ahead and look at the packages that are on the machine, and we can confirm that it is located here in order to install the package with episode package install and then the file name for what version we want. And once that’s done, we can go ahead and confirm on the U I that it is in fact, installed.

And if we needed to upgrade this to a newer version, we would then uninstalled the old package by doing FSO package uninstall.

And then we can see that the old package is gone and we could go episode, package, install. And then we would select the new version.

And then we can see that on the U I that the new version is installed in orderto force reinstall. We would then use the flag force reinstall, and this would be used in the case where the version number was not checked. And there’s new content in the package and we can see that it removed the old package and reinstalled the new one, and we could see that time updated.

This concludes the overview for the plug ins and fire I security orchestrator. I hope this overview gives you an understanding of plug ins and how to use them in FSO. Thank you for taking the time to check out our plug more fireeye tips and insights.

Scroll to Top