Request Clarification: FIDELIS_NETWORK Integration API Call

Question

Hi everyone,I’m checking if others are seeing issues with Fidelis Networks API which pulls logs to Google SecOps. We’re receiving messages that look like CEF but are wrapped in JSON, and the CEF formatting seems incorrect, which breaks Google SecOps parser. If you’ve encountered this and found a solution, I’d really appreciate your advice. Doc: https://docs.cloud.google.com/chronicle/docs/ingestion/default-parsers/fidelis-networkWe followed the above documentation and observed few steps mentioned in the doc is not there in the console. I would also like to know if there is a way to pull Fidelis logs to Google SecOps.Thank you!

kentphelps · Answer

I don’t have access to the Fidelis support portal but check your Fidelis CommandPost export settings for a specific toggle. I hope this helps.

Navigate to: System > Export

Look for the "Export Method" or "Format" setting.

If you see Syslog JSON, change it to Syslog / CEF
Some versions have a specific checkbox to "Encapsulate in JSON" or "Send as JSON object." Ensure this is unchecked so the system sends raw text

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded