This is a script for querying the Sophos XDR Data Lake. It only needs valid Sophos API credentials. The SQL query is hardcoded and based on the "sophos_events_windows" template. The script writes a JSON log that is ready to be shipped to any SIEM solution.
lof1sec/sophos-xdr