Skip to content

Asimily

Product Name

About

Asimily is an industry-leading risk management platform that secures IoT devices for healthcare, manufacturing, public sector, and other industries that depend on their numerous connected devices.

Product Details

Vendor URL: asimily.com

Product Type: IoT security platform

Product Tier: Tier II

Integration Method: Syslog

Integration URL: Forwarders - Cyderes Documentation

Parser Details

Log Format: Syslog

Expected Normalization Rate: 100%

Data Label: ASIMILY

UDM Fields (list of all UDM fields leveraged in the Parser):

Log File Field UDM Field
AssetNote (static) metadata.vendor_name
AssetNote (static) metadata.product_name
value.asset principal.asset.hostname
value.asset principal.hostname
value.exposure_description metadata.description
value.exposure_request additional.fields
value.exposure_response additional.fields
value.exposure_severity security_result.severity_details
value.exposure_name security_result.rule_name
value.exposure_id security_result.rule_id
value.asset_details_url additional.fields
value.indicator_of_compromise additional.fields
value.javascript_file additional.fields
value.exposure_triage_url security_result.url_back_to_product
value.exposure_url target.url
value.asset_type principal.resource.resource_subtype
custom filter target.application
custom filter network.http.response_code
custom filter network.http.response_code
custom filter network.http.referral_url
custom filter network.http.method
custom filter network.http.user_agent
eumerated output network.application_protocol
record.asset principal.asset.hostname
record.asset principal.hostname
record.asset_details_url additional.fields
record.asset_group_url additional.fields
record.asset_id principal.asset_id
record.asset_type principal.resource.resource_subtype
record.ssl_subject_dn network.dns_domain
record.indicator_of_compromise additional.fields
record.javascript_file additional.fields
record.screenshot security_result.url_back_to_product
record.status_code additional.fields
record.a_records principal.ip
record.cname_records about.hostname
record.ports about.port
record.technologies additional.fields

Product Event Types

Event UDM Event Classification
all others SCAN_UNCATEGORIZED

Log Sample

dateTime="2024-02-21T04:10:25.276Z" deviceType="Ultrasound" lastDiscoveredAt="" hostName="hostname1" process="Asimily CE" serialNumber="" os="windows 11" deviceTag="" nasPortId="" ipAddress="10.0.0.1" criticality="High" deviceFamily="Imaging Devices,Medical Devices" connectionType="WIRED" manufacturer="device_manufacturer" firstDiscoveredAt="2023-04-12T00:08:57.798Z" macAddress="28:b9:d8:a2:a2:a1" application="Asimily" context="PrintNightMare for Medical Devices" deviceModel="device_model" alertId="11934774A0273B000022" facility="office_1" destinationIpAddress="" nasIpAddress=""

Sample Parsing

additional.fields["connectionType"] = "WIRED"
additional.fields["deviceFamily"] = "Imaging Devices,Medical Devices"
metadata.description = "PrintNightMare for Medical Devices"
metadata.event_timestamp.seconds = 1708488625
metadata.event_timestamp.nanos = 276000000
metadata.event_type = "SCAN_UNCATEGORIZED"
metadata.product_name = "Asimily"
metadata.vendor_name = "Asimily"
principal.application = "Asimily"
principal.asset.category = "Imaging Devices,Medical Devices"
principal.asset.first_discover_time.seconds = 1681258137
principal.asset.first_discover_time.nanos = 798000000
principal.asset.hardware.manufacturer = "device_manufacturer"
principal.asset.hardware.model = "device_model"
principal.asset.hostname = "hostname1"
principal.asset.ip = "10.0.0.1"
principal.asset.mac = "28:b9:d8:a2:a2:a1"
principal.asset.platform_software.platform = "WINDOWS"
principal.asset.platform_software.platform_version = "windows 11"
principal.hostname = "hostname1"
principal.ip = "10.0.0.1"
principal.location.name = "office_1"
principal.mac = "28:b9:d9:e1:b1:96"
principal.process.file.names = "Asimily CE"
principal.resource.resource_subtype = "Ultrasound"
security_result.severity = "HIGH"
security_result.threat_id = "11934774A0273B000022"