03-11-2019 11:25 AM
Is anyone mining (own) firewalls reports?
I hate to reinvent wheel, so would appreciate any suggestions.
Use case: Teamviewer
They are not publishing their IPs ( https://community.teamviewer.com/t5/Knowledge-Base/Which-ports-are-used-by-TeamViewer/ta-p/4139 ). We have a few firewalls and running custom report on application Teamviewer from Panorama gives a nice list of addresses. I would like to feed those addresses back to EDL and use it to restrict use of Teamviewer. I am not trying to create any instant solution to prevent use of tw, just trying to help people comply to company policy.
What I am thinking is to first use curl (and API) to trigger report and then curl report in to minemeld using job number from previous curl reply and then move it under www and mine it. Only bad part is plaintext apikey in curl. And fact that this feels somewhat shaky.
So anyone mining firewall reports directly?
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
