public interface ServiceContext
Modifier and Type | Field and Description |
---|---|
static int |
CSV_READ_ONCE_LINES |
static String |
EXT_SYNC_EVENT_TYPE
The event type to report device integration error.
|
static String |
FAILED_UPLOADING_DEVICES
The Failed uploading devices is used to store how many devices are failed on integration.
|
static String |
INCIDENT_ENDPOINT |
static String |
INSTANCE |
static String |
KEY_BOARD
Connectwise only, used to specify the destination service board.
|
static String |
KEY_CLIENTID
ConnectWise Client Id
clientId is a unique GUID or Globally Unique Identifier assigned to each integration.
|
static String |
KEY_COLLECTION
STIX/TAXII only
|
static String |
KEY_CONDITION
extra condition need to be appended to query
|
static String |
KEY_CONFIG
Any other configurations in key:value format, not used for now.
|
static String |
KEY_CSV_READ_BYTE |
static String |
KEY_CSV_READ_COMPLETE |
static String |
KEY_CSV_READ_ONCE_LINES |
static String |
KEY_CSV_START_LINE |
static String |
KEY_DOMAIN
Used by systems requiring something like Company/Org/Domain to login, for example for Connectwise, it is the Company field.
|
static String |
KEY_ERROR
RISKIQ/VIRUSTOTAL only
|
static String |
KEY_FULL_UPDATE
Full or Incremental
|
static String |
KEY_GROUP_NAME
This CMDB group name that has download set up for Threat Feeds.
|
static String |
KEY_INCIDENT
RISKIQ/VIRUSTOTAL only
|
static String |
KEY_INSTANCE
Jira
|
static String |
KEY_ISSUE_TYPE |
static String |
KEY_JIRA_MAPPING |
static String |
KEY_LAST_UPDATE
The last update time from the third party web site defined in
KEY_URL |
static String |
KEY_MAX_DOWNLOAD_LINES
This parameter can be used to limit the maximum number of Threat Feeds can be downloaded each time.
|
static String |
KEY_MAX_GROUP_ITEMS
This parameter can be used to limit the maximum number of Threat Feeds in a CMDB group.
|
static String |
KEY_OUTPUT
The directory that the downloaded Threat Feeds can be saved to.
|
static String |
KEY_PROJECT |
static String |
KEY_PWD
The password or key if needed to connect the web site defined using
KEY_URL . |
static String |
KEY_RANGE
To specify a time range in hour which is used when doing inbound integration, it should be a int value
|
static String |
KEY_SRC
The AO server who is the source of the integrated objects.
|
static String |
KEY_TYPE
The object type that can be integrated to a third party system
|
static String |
KEY_URL
The third party web site URL used to integrate with or download from.
|
static String |
KEY_USER
The user name if needed to connect to the third party web site defined using
KEY_URL . |
static String |
KEY_XML
The input XML which represent FortiSIEM objects will be integrated with an third party system.
|
static String |
KEY_XSLT
XSLT file path to do XML translation, not used for now.
|
static String |
LINK_DEVICES |
static int |
MAX_DOWNLOAD_LINES
The default maximum number of Threat Feeds can be downloaded each time.
|
static int |
MAX_GROUP_ITEMS
The default maximum number of Threat Feeds in a CMDB group.
|
static String |
RBA_PAYLOAD_NAME |
static String |
RBA_SERVICE_NAME
RBA only
|
Modifier and Type | Method and Description |
---|---|
<T> T |
getAttribute(String key)
Get the attribute value identified as the key.
|
InternalObject[] |
getInputParameters()
Get an array of input parameters.
|
ExternalObjectInfo[] |
getOutputParameters()
Get an array of output parameters
|
<T> void |
setAttribute(String key,
T value)
Set the attribute value identified as the key.
|
void |
setInputParameters(InternalObject[] objects)
Set an array of input parameters.
|
void |
setOutputParameters(ExternalObjectInfo[] objects)
Set an array of output parameters.
|
static final String KEY_URL
static final String KEY_USER
KEY_URL
.KEY_URL
,
Constant Field Valuesstatic final String KEY_PWD
KEY_URL
.static final String KEY_COLLECTION
static final String KEY_INCIDENT
static final String RBA_SERVICE_NAME
static final String RBA_PAYLOAD_NAME
static final String KEY_ERROR
static final String KEY_INSTANCE
static final String KEY_PROJECT
static final String KEY_ISSUE_TYPE
static final String KEY_JIRA_MAPPING
static final String EXT_SYNC_EVENT_TYPE
static final String KEY_DOMAIN
static final String KEY_CLIENTID
static final String KEY_BOARD
static final String KEY_XSLT
The XSLF file can be located under /opt/phoenix/config/transform/{companyname} in release 4.4.1
static final String KEY_TYPE
Currently,two types of FortiSIEM objects can be integrated with a third party system
1. Device
2. Incident
static final String KEY_XML
The supported object type are defined in KEY_TYPE
.
Please also see the schema definition file for Device, Incident, and Ticket.
static final String KEY_CONFIG
static final String KEY_RANGE
Optional and default value is 24.
static final String KEY_SRC
static final String KEY_CONDITION
static final String KEY_FULL_UPDATE
static final String FAILED_UPLOADING_DEVICES
static final String KEY_OUTPUT
The custom BaseThreatFeedUpdateService.download(com.accelops.service.ServiceContext)
implementation of the Threat Feed Service
can use this parameter as the key to call getAttribute(java.lang.String)
to get the directory to save the downloaded Threat Feeds and return
the absolute filename to the caller.
static final String KEY_LAST_UPDATE
KEY_URL
If this parameter is not set, it means there is no download happened yet.
static final String KEY_MAX_DOWNLOAD_LINES
In release 4.4.1, this parameter can only be set in phoenix_config.txt.
If there is no setting in phoenix_config.txt, the default maximum number of Threat Feeds downloaded is defined at
MAX_DOWNLOAD_LINES
Set this parameter in phoenix_config.txt as the following:
[BEGIN GLOBAL]
MAX_DOWNLOAD_LINES=100000
[END GLOBAL]
static final String KEY_MAX_GROUP_ITEMS
In release 4.4.3, this parameter can only be set in phoenix_config.txt.
If there is no setting in phoenix_config.txt, the default maximum number of Threat Feeds in a CMDB group is defined at
MAX_GROUP_ITEMS
Set this parameter in phoenix_config.txt as the following:
[BEGIN GLOBAL]
MAX_GROUP_ITEMS=400000
[END GLOBAL]
static final String KEY_GROUP_NAME
The custom BaseThreatFeedUpdateService
implementation of the Threat Feed Service
can use this parameter as the key to call getAttribute(java.lang.String)
to get group name if needed.
static final int MAX_DOWNLOAD_LINES
In release 4.4.1, this number is set to 200000.
static final int MAX_GROUP_ITEMS
In release 4.4.1, this number is set to 200000.
static final String KEY_CSV_START_LINE
static final int CSV_READ_ONCE_LINES
static final String KEY_CSV_READ_COMPLETE
static final String KEY_CSV_READ_ONCE_LINES
static final String KEY_CSV_READ_BYTE
static final String LINK_DEVICES
static final String INCIDENT_ENDPOINT
static final String INSTANCE
<T> T getAttribute(String key)
T
- Type of attribute value objectkey
- the key used to retrieve the attribute value.<T> void setAttribute(String key, T value)
T
- Type of attribute value objectkey
- the key used to set the attribute valuevalue
- the attribute valueInternalObject[] getInputParameters()
InternalObject
objectsInternalObject
void setInputParameters(InternalObject[] objects)
objects
- an array of InternalObject
objectsInternalObject
ExternalObjectInfo[] getOutputParameters()
ExternalObjectInfo
objectsExternalObjectInfo
void setOutputParameters(ExternalObjectInfo[] objects)
objects
- an array of ExternalObjectInfo
objects.ExternalObjectInfo
Copyright © 2019. All rights reserved.