From 776a97082a28e63681748fc23f18eadbaff7b7e6 Mon Sep 17 00:00:00 2001 From: Tapish Jain Date: Mon, 27 Jan 2025 14:10:30 -0800 Subject: [PATCH] PAPP-35185: fixed to cloud fmc access --- ciscosecurefirewall.json | 640 +++++++++++++++++++++++++++---- ciscosecurefirewall_connector.py | 73 ++-- 2 files changed, 602 insertions(+), 111 deletions(-) diff --git a/ciscosecurefirewall.json b/ciscosecurefirewall.json index 5b4b284..7866f81 100644 --- a/ciscosecurefirewall.json +++ b/ciscosecurefirewall.json @@ -1,11 +1,11 @@ { "appid": "21834fdf-826d-4595-a036-d7b8841ab798", "name": "Cisco Secure Firewall", - "description": "This app interfaces with Cisco Firepower devices to add, update and delete network objects, network object groups, access policies and access rules", + "description": "This app interfaces with Cisco Firepower devices to adds, updates and deletes network objects, network object groups, access policies and access rules", "publisher": "Splunk", "package_name": "phantom_ciscosecurefirewall", "type": "firewall", - "license": "Copyright (c) 2024 Splunk Inc.", + "license": "Copyright (c) 2025 Splunk Inc.", "main_module": "ciscosecurefirewall_connector.py", "app_version": "1.0.0", "utctime_updated": "2024-12-04T23:13:40.000000Z", @@ -39,27 +39,27 @@ "verify_server_cert": { "description": "Verify server certificate", "data_type": "boolean", - "order": 1 + "order": 2 }, "username": { "description": "User with access to the on-prem FMC node", "data_type": "string", - "order": 2 + "order": 3 }, "password": { "description": "Password for the on-prem FMC node", "data_type": "password", - "order": 3 + "order": 4 }, "domain_name": { "description": "Default firepower domain", "data_type": "string", - "order": 4 + "order": 5 }, - "cloud_api_key": { + "api_key": { "description": "Api key for cloud delivered FMC", - "data_type": "string", - "order": 5 + "data_type": "password", + "order": 6 }, "region": { "description": "Region your Cisco Security Cloud Control is deployed in", @@ -71,7 +71,7 @@ "AUS", "IN" ], - "order": 6 + "order": 7 } }, "actions": [ @@ -90,7 +90,7 @@ "description": "List network object in FMC", "type": "investigate", "read_only": true, - "identifier": "list_network_ojects", + "identifier": "list_network_objects", "parameters":{ "name": { "description": "Network object name to filter results by", @@ -123,6 +123,18 @@ "failed" ] }, + { + "data_path": "action_result.message", + "data_type": "string" + }, + { + "data_path": "summary.total_objects", + "data_type": "numeric" + }, + { + "data_path": "summary.total_objects_successful", + "data_type": "numeric" + }, { "data_path": "action_result.parameter.name", "data_type": "string" @@ -140,18 +152,24 @@ }, { "data_path": "action_result.data.*.id", - "data_type": "string" + "data_type": "string", + "column_order": 0, + "column_name": "Object Id" }, { "data_path": "action_result.data.*.name", - "data_type": "string" + "data_type": "string", + "column_name": "Object Name", + "column_order": 1 }, { "data_path": "action_result.data.*.type", "data_type": "string", "example_values": [ "Network" - ] + ], + "column_name": "Object Type", + "column_order": 2 }, { "data_path": "action_result.data.*.links.self", @@ -162,6 +180,10 @@ "data_type": "string" } ], + "render": { + "title": "Network Objects", + "type": "table" + }, "versions": "EQ(*)" }, { @@ -210,6 +232,18 @@ "failed" ] }, + { + "data_path": "action_result.message", + "data_type": "string" + }, + { + "data_path": "summary.total_objects", + "data_type": "numeric" + }, + { + "data_path": "summary.total_objects_successful", + "data_type": "numeric" + }, { "data_path": "action_result.parameter.name", "data_type": "string" @@ -231,18 +265,24 @@ }, { "data_path": "action_result.data.*.id", - "data_type": "string" + "data_type": "string", + "column_order": 0, + "column_name": "Object Id" }, { "data_path": "action_result.data.*.name", - "data_type": "string" + "data_type": "string", + "column_name": "Object Name", + "column_order": 1 }, { "data_path": "action_result.data.*.type", "data_type": "string", "example_values": [ "Network" - ] + ], + "column_name": "Object Type", + "column_order": 2 }, { "data_path": "action_result.data.*.links.self", @@ -254,7 +294,9 @@ }, { "data_path": "action_result.data.*.value", - "data_type": "string" + "data_type": "string", + "column_name": "Object Value", + "column_order": 3 }, { "data_path": "action_result.data.*.metadata.domain.id", @@ -289,6 +331,10 @@ "data_type": "boolean" } ], + "render": { + "title": "Create Network Object", + "type": "table" + }, "versions": "EQ(*)" }, { @@ -340,6 +386,18 @@ "failed" ] }, + { + "data_path": "action_result.message", + "data_type": "string" + }, + { + "data_path": "summary.total_objects", + "data_type": "numeric" + }, + { + "data_path": "summary.total_objects_successful", + "data_type": "numeric" + }, { "data_path": "action_result.parameter.object_id", "data_type": "string" @@ -365,18 +423,24 @@ }, { "data_path": "action_result.data.*.id", - "data_type": "string" + "data_type": "string", + "column_name": "Object Id", + "column_order": 0 }, { "data_path": "action_result.data.*.name", - "data_type": "string" + "data_type": "string", + "column_name": "Object Name", + "column_order": 1 }, { "data_path": "action_result.data.*.type", "data_type": "string", "example_values": [ "Network" - ] + ], + "column_name": "Object Type", + "column_order": 2 }, { "data_path": "action_result.data.*.links.self", @@ -388,7 +452,9 @@ }, { "data_path": "action_result.data.*.value", - "data_type": "string" + "data_type": "string", + "column_name": "Object Value", + "column_order": 3 }, { "data_path": "action_result.data.*.metadata.domain.id", @@ -423,6 +489,10 @@ "data_type": "boolean" } ], + "render": { + "title": "Update Network Object", + "type": "table" + }, "versions": "EQ(*)" }, @@ -466,6 +536,18 @@ "failed" ] }, + { + "data_path": "action_result.message", + "data_type": "string" + }, + { + "data_path": "summary.total_objects", + "data_type": "numeric" + }, + { + "data_path": "summary.total_objects_successful", + "data_type": "numeric" + }, { "data_path": "action_result.parameter.object_id", "data_type": "string" @@ -480,8 +562,79 @@ { "data_path": "action_result.parameter.domain_name", "data_type": "string" + }, + { + "data_path": "action_result.data.*.id", + "data_type": "string", + "column_name": "Object Id", + "column_order": 0 + }, + { + "data_path": "action_result.data.*.name", + "data_type": "string", + "column_name": "Object Name", + "column_order": 1 + }, + { + "data_path": "action_result.data.*.type", + "data_type": "string", + "example_values": [ + "Network" + ], + "column_name": "Object Type", + "column_order": 2 + }, + { + "data_path": "action_result.data.*.links.self", + "data_type": "string" + }, + { + "data_path": "action_result.data.*.links.parent", + "data_type": "string" + }, + { + "data_path": "action_result.data.*.value", + "data_type": "string", + "column_name": "Object Value", + "column_order": 3 + }, + { + "data_path": "action_result.data.*.metadata.domain.id", + "data_type": "string" + }, + { + "data_path": "action_result.data.*.metadata.domain.name", + "data_type": "string" + }, + { + "data_path": "action_result.data.*.metadata.domain.type", + "data_type": "string" + }, + { + "data_path": "action_result.data.*.metadata.ipType", + "data_type": "string" + }, + { + "data_path": "action_result.data.*.metadata.domain.lastUser.name", + "data_type": "string" + }, + { + "data_path": "action_result.data.*.metadata.domain.timestamp", + "data_type": "numeric" + }, + { + "data_path": "action_result.data.*.metadata.domain.parentType", + "data_type": "string" + }, + { + "data_path": "action_result.data.*.metadata.overridable", + "data_type": "boolean" } ], + "render": { + "title": "Delete Network Object", + "type": "table" + }, "versions": "EQ(*)" }, { @@ -511,6 +664,18 @@ "failed" ] }, + { + "data_path": "action_result.message", + "data_type": "string" + }, + { + "data_path": "summary.total_objects", + "data_type": "numeric" + }, + { + "data_path": "summary.total_objects_successful", + "data_type": "numeric" + }, { "data_path": "action_result.parameter.group_name", "data_type": "string" @@ -521,13 +686,21 @@ }, { "data_path": "action_result.data.*.uuid", - "data_type": "string" + "data_type": "string", + "column_name": "Group Id", + "column_order": 0 }, { "data_path": "action_result.data.*.name", - "data_type": "string" + "data_type": "string", + "column_name": "Group Name", + "column_order": 1 } ], + "render": { + "title": "Network Groups", + "type": "table" + }, "versions": "EQ(*)" }, { @@ -549,13 +722,18 @@ "example_values": [ "b2df29e8-5e6f-4c5d-9d5e-3fa9b3c9467b, a1c2f7d9-4b5e-42b1-8d9f-2f6b4a8e5e3c" ], - "required": true, "order": 1 }, + "overridable": { + "data_type": "boolean", + "description": "Changes to this won't affect parent policies or configurations", + "order": 2, + "default": false + }, "domain_name": { "description": "Firepower Domain. If none is specified the default domain will be queried", "data_type": "string", - "order": 2 + "order": 3 } }, "output": [ @@ -567,6 +745,18 @@ "failed" ] }, + { + "data_path": "action_result.message", + "data_type": "string" + }, + { + "data_path": "summary.total_objects", + "data_type": "numeric" + }, + { + "data_path": "summary.total_objects_successful", + "data_type": "numeric" + }, { "data_path": "action_result.parameter.name", "data_type": "string" @@ -584,11 +774,15 @@ }, { "data_path": "action_result.data.*.id", - "data_type": "string" + "data_type": "string", + "column_name": "Group Id", + "column_order": 0 }, { "data_path": "action_result.data.*.name", - "data_type": "string" + "data_type": "string", + "column_name": "Group Name", + "column_order": 1 }, { "data_path": "action_result.data.*.type", @@ -645,6 +839,10 @@ "data_type": "boolean" } ], + "render": { + "title": "Create Network Group", + "type": "table" + }, "versions": "EQ(*)" }, { @@ -696,6 +894,18 @@ "failed" ] }, + { + "data_path": "action_result.message", + "data_type": "string" + }, + { + "data_path": "summary.total_objects", + "data_type": "numeric" + }, + { + "data_path": "summary.total_objects_successful", + "data_type": "numeric" + }, { "data_path": "action_result.parameter.network_group_id", "data_type": "string" @@ -724,11 +934,15 @@ }, { "data_path": "action_result.data.*.id", - "data_type": "string" + "data_type": "string", + "column_name": "Group Id", + "column_order": 0 }, { "data_path": "action_result.data.*.name", - "data_type": "string" + "data_type": "string", + "column_name": "Group Name", + "column_order": 1 }, { "data_path": "action_result.data.*.type", @@ -785,6 +999,10 @@ "data_type": "boolean" } ], + "render": { + "title": "Update Network Group", + "type": "table" + }, "versions": "EQ(*)" }, { @@ -815,6 +1033,18 @@ "failed" ] }, + { + "data_path": "action_result.message", + "data_type": "string" + }, + { + "data_path": "summary.total_objects", + "data_type": "numeric" + }, + { + "data_path": "summary.total_objects_successful", + "data_type": "numeric" + }, { "data_path": "action_result.parameter.network_group_id", "data_type": "string" @@ -825,11 +1055,15 @@ }, { "data_path": "action_result.data.*.id", - "data_type": "string" + "data_type": "string", + "column_name": "Group Id", + "column_order": 0 }, { "data_path": "action_result.data.*.name", - "data_type": "string" + "data_type": "string", + "column_name": "Group Name", + "column_order": 1 }, { "data_path": "action_result.data.*.type", @@ -886,6 +1120,10 @@ "data_type": "boolean" } ], + "render": { + "title": "Delete Network Group", + "type": "table" + }, "versions": "EQ(*)" }, { @@ -910,6 +1148,18 @@ "failed" ] }, + { + "data_path": "action_result.message", + "data_type": "string" + }, + { + "data_path": "summary.total_objects", + "data_type": "numeric" + }, + { + "data_path": "summary.total_objects_successful", + "data_type": "numeric" + }, { "data_path": "action_result.parameter.domain_name", "data_type": "string" @@ -919,16 +1169,24 @@ "data_type": "string", "example_values": [ "new-policy" - ] + ], + "column_name": "Policy Name", + "column_order": 0 }, { "data_path": "action_result.data.*.policy_id", "data_type": "string", "example_values": [ "00000000-0000-0ed3-0000-012884902138" - ] + ], + "column_name": "Policy Id", + "column_order": 1 } ], + "render": { + "title": "Access Control Policies", + "type": "table" + }, "versions": "EQ(*)" }, { @@ -955,9 +1213,7 @@ "required": true, "value_list": [ "ALLOW", - "BLOCK", - "TRUST", - "MONITOR" + "TRUST" ], "order": 2 }, @@ -976,6 +1232,18 @@ "failed" ] }, + { + "data_path": "action_result.message", + "data_type": "string" + }, + { + "data_path": "summary.total_objects", + "data_type": "numeric" + }, + { + "data_path": "summary.total_objects_successful", + "data_type": "numeric" + }, { "data_path": "action_result.parameter.name", "data_type": "string" @@ -994,14 +1262,18 @@ }, { "data_path": "action_result.data.*.id", - "data_type": "string" + "data_type": "string", + "column_order": 0, + "column_name": "Policy Id" }, { "data_path": "action_result.data.*.name", "data_type": "string", "example_values": [ "new-policy" - ] + ], + "column_name": "Policy Name", + "column_order": 1 }, { "data_path": "action_result.data.*.type", @@ -1033,6 +1305,10 @@ "data_type": "string" } ], + "render": { + "title": "Create Access Control Policies", + "type": "table" + }, "versions": "EQ(*)" }, { @@ -1084,6 +1360,18 @@ "failed" ] }, + { + "data_path": "action_result.message", + "data_type": "string" + }, + { + "data_path": "summary.total_objects", + "data_type": "numeric" + }, + { + "data_path": "summary.total_objects_successful", + "data_type": "numeric" + }, { "data_path": "action_result.parameter.policy_id", "data_type": "string" @@ -1106,14 +1394,18 @@ }, { "data_path": "action_result.data.*.id", - "data_type": "string" + "data_type": "string", + "column_name": "Policy Id", + "column_order": 0 }, { "data_path": "action_result.data.*.name", "data_type": "string", "example_values": [ "new-policy" - ] + ], + "column_name": "Policy Name", + "column_order": 1 }, { "data_path": "action_result.data.*.type", @@ -1160,9 +1452,15 @@ "data_type": "string", "example_values": [ "BLOCK" - ] + ], + "column_name": "Policy Action", + "column_order": 2 } ], + "render": { + "title": "Update Access Control Policies", + "type": "table" + }, "versions": "EQ(*)" }, { @@ -1194,19 +1492,19 @@ ] }, { - "data_path": "action_result.parameter.policy_id", + "data_path": "action_result.message", "data_type": "string" }, { - "data_path": "action_result.parameter.name", - "data_type": "string" + "data_path": "summary.total_objects", + "data_type": "numeric" }, { - "data_path": "action_result.parameter.description", - "data_type": "string" + "data_path": "summary.total_objects_successful", + "data_type": "numeric" }, { - "data_path": "action_result.parameter.action", + "data_path": "action_result.parameter.policy_id", "data_type": "string" }, { @@ -1215,14 +1513,18 @@ }, { "data_path": "action_result.data.*.id", - "data_type": "string" + "data_type": "string", + "column_name": "Policy Id", + "column_order": 0 }, { "data_path": "action_result.data.*.name", "data_type": "string", "example_values": [ "new-policy" - ] + ], + "column_name": "Policy Name", + "column_order": 1 }, { "data_path": "action_result.data.*.type", @@ -1251,7 +1553,9 @@ }, { "data_path": "action_result.data.*.description", - "data_type": "string" + "data_type": "string", + "column_name": "Policy Description", + "column_order": 2 }, { "data_path": "action_result.data.*.defaultAction.id", @@ -1269,7 +1573,9 @@ "data_type": "string", "example_values": [ "BLOCK" - ] + ], + "column_name": "Policy Action", + "column_order": 3 }, { "data_path": "action_result.data.*.securityIntelligence.id", @@ -1287,6 +1593,10 @@ "data_type": "string" } ], + "render": { + "title": "Delete Access Control Policies", + "type": "table" + }, "versions": "EQ(*)" }, { @@ -1322,6 +1632,18 @@ "failed" ] }, + { + "data_path": "action_result.message", + "data_type": "string" + }, + { + "data_path": "summary.total_objects", + "data_type": "numeric" + }, + { + "data_path": "summary.total_objects_successful", + "data_type": "numeric" + }, { "data_path": "action_result.parameter.policy_id", "data_type": "string" @@ -1332,16 +1654,24 @@ }, { "data_path": "action_result.data.*.id", - "data_type": "string" + "data_type": "string", + "column_name": "Rule Id", + "column_order": 0 }, { "data_path": "action_result.data.*.name", "data_type": "string", "example_values": [ - "new-policy" - ] + "new-rule" + ], + "column_name": "Rule Name", + "column_order": 1 } ], + "render": { + "title": "Access Control Rules", + "type": "table" + }, "versions": "EQ(*)" }, { @@ -1406,6 +1736,18 @@ "failed" ] }, + { + "data_path": "action_result.message", + "data_type": "string" + }, + { + "data_path": "summary.total_objects", + "data_type": "numeric" + }, + { + "data_path": "summary.total_objects_successful", + "data_type": "numeric" + }, { "data_path": "action_result.parameter.policy_id", "data_type": "string" @@ -1445,11 +1787,15 @@ }, { "data_path": "action_result.data.*.id", - "data_type": "string" + "data_type": "string", + "column_name": "Rule Id", + "column_order": 0 }, { "data_path": "action_result.data.*.name", - "data_type": "string" + "data_type": "string", + "column_name": "Rule Name", + "column_order": 1 }, { "data_path": "action_result.data.*.type", @@ -1467,7 +1813,9 @@ "data_type": "string", "example_values": [ "BLOCK" - ] + ], + "column_name": "Rule Action", + "column_order": 2 }, { "data_path": "action_result.data.*.logEnd", @@ -1475,7 +1823,9 @@ }, { "data_path": "action_result.data.*.enabled", - "data_type": "boolean" + "data_type": "boolean", + "column_name": "Enabled", + "column_order": 3 }, { "data_path": "action_result.data.*.logBegin", @@ -1541,6 +1891,7 @@ { "data_path": "action_result.data.*.destinationNetworks.objects.*.id", "data_type": "string" + }, { "data_path": "action_result.data.*.destinationNetworks.objects.*.name", @@ -1558,6 +1909,10 @@ "data_type": "boolean" } ], + "render": { + "title": "Create Access Control Rules", + "type": "table" + }, "versions": "EQ(*)" }, { @@ -1635,6 +1990,18 @@ "failed" ] }, + { + "data_path": "action_result.message", + "data_type": "string" + }, + { + "data_path": "summary.total_objects", + "data_type": "numeric" + }, + { + "data_path": "summary.total_objects_successful", + "data_type": "numeric" + }, { "data_path": "action_result.parameter.rule_id", "data_type": "string" @@ -1692,11 +2059,15 @@ }, { "data_path": "action_result.data.*.id", - "data_type": "string" + "data_type": "string", + "column_name": "Rule Id", + "column_order": 0 }, { "data_path": "action_result.data.*.name", - "data_type": "string" + "data_type": "string", + "column_name": "Rule Name", + "column_order": 1 }, { "data_path": "action_result.data.*.type", @@ -1714,7 +2085,9 @@ "data_type": "string", "example_values": [ "BLOCK" - ] + ], + "column_name": "Rule Action", + "column_order": 2 }, { "data_path": "action_result.data.*.logEnd", @@ -1722,7 +2095,9 @@ }, { "data_path": "action_result.data.*.enabled", - "data_type": "boolean" + "data_type": "boolean", + "column_name": "Enabled", + "column_order": 3 }, { "data_path": "action_result.data.*.logBegin", @@ -1823,6 +2198,10 @@ "data_type": "boolean" } ], + "render": { + "title": "Update Access Control Rules", + "type": "table" + }, "versions": "EQ(*)" }, { @@ -1859,6 +2238,18 @@ "failed" ] }, + { + "data_path": "action_result.message", + "data_type": "string" + }, + { + "data_path": "summary.total_objects", + "data_type": "numeric" + }, + { + "data_path": "summary.total_objects_successful", + "data_type": "numeric" + }, { "data_path": "action_result.parameter.rule_id", "data_type": "string" @@ -1873,11 +2264,15 @@ }, { "data_path": "action_result.data.*.id", - "data_type": "string" + "data_type": "string", + "column_name": "Rule Id", + "column_order": 0 }, { "data_path": "action_result.data.*.name", - "data_type": "string" + "data_type": "string", + "column_name": "Rule Name", + "column_order": 1 }, { "data_path": "action_result.data.*.type", @@ -2004,6 +2399,10 @@ "data_type": "boolean" } ], + "render": { + "title": "Delete Access Control Rules", + "type": "table" + }, "versions": "EQ(*)" }, { @@ -2028,27 +2427,52 @@ "failed" ] }, + { + "data_path": "action_result.message", + "data_type": "string" + }, + { + "data_path": "summary.total_objects", + "data_type": "numeric" + }, + { + "data_path": "summary.total_objects_successful", + "data_type": "numeric" + }, { "data_path": "action_result.parameter.domain_name", "data_type": "string" }, { "data_path": "action_result.data.*.id", - "data_type": "string" + "data_type": "string", + "column_name": "Device Id", + "column_order": 0 }, { "data_path": "action_result.data.*.name", - "data_type": "string" + "data_type": "string", + "column_name": "Device Name", + "column_order": 1 }, { "data_path": "action_result.data.*.type", - "data_type": "string" + "data_type": "string", + "example_values": [ + "SENSOR" + ], + "column_name": "Device Type", + "column_order": 2 }, { "data_path": "action_result.data.*.links.self", "data_type": "string" } ], + "render": { + "title": "List Devices", + "type": "table" + }, "versions": "EQ(*)" }, { @@ -2073,26 +2497,48 @@ "failed" ] }, + { + "data_path": "action_result.message", + "data_type": "string" + }, + { + "data_path": "summary.total_objects", + "data_type": "numeric" + }, + { + "data_path": "summary.total_objects_successful", + "data_type": "numeric" + }, { "data_path": "action_result.parameter.domain_name", "data_type": "string" }, { "data_path": "action_result.data.*.id", - "data_type": "string" + "data_type": "string", + "column_name": "Device Id", + "column_order": 0 }, { "data_path": "action_result.data.*.name", - "data_type": "string" + "data_type": "string", + "column_name": "Device Name", + "column_order": 1 }, { "data_path": "action_result.data.*.type", "data_type": "string", "example_values": [ "SENSOR" - ] + ], + "column_name": "Device Type", + "column_order": 2 } ], + "render": { + "title": "Get Deployable Devices", + "type": "table" + }, "versions": "EQ(*)" }, { @@ -2122,6 +2568,18 @@ "failed" ] }, + { + "data_path": "action_result.message", + "data_type": "string" + }, + { + "data_path": "summary.total_objects", + "data_type": "numeric" + }, + { + "data_path": "summary.total_objects_successful", + "data_type": "numeric" + }, { "data_path": "action_result.parameter.devices", "data_type": "string" @@ -2139,7 +2597,9 @@ }, { "data_path": "action_result.data.*.version", - "data_type": "string" + "data_type": "string", + "column_name": "Version", + "column_order": 0 }, { "data_path": "action_result.data.*.metadata.task.id", @@ -2154,9 +2614,15 @@ }, { "data_path": "action_result.data.*.deviceList.*", - "data_type": "string" + "data_type": "string", + "column_name": "Devices", + "column_order": 1 } ], + "render": { + "title": "Deploy Devices", + "type": "table" + }, "versions": "EQ(*)" }, { @@ -2187,6 +2653,18 @@ "failed" ] }, + { + "data_path": "action_result.message", + "data_type": "string" + }, + { + "data_path": "summary.total_objects", + "data_type": "numeric" + }, + { + "data_path": "summary.total_objects_successful", + "data_type": "numeric" + }, { "data_path": "action_result.parameter.deployment_id", "data_type": "string" @@ -2200,7 +2678,9 @@ "data_type": "string", "example_values": [ "DeploymentRequest" - ] + ], + "column_name": "Deployment Id", + "column_order": 0 }, { "data_path": "action_result.data.*.task", @@ -2215,17 +2695,25 @@ "example_values": [ "Deploying", "Deployed" - ] + ], + "column_name": "Deployment Status", + "column_order": 1 }, { "data_path": "action_result.data.*.message", - "data_type": "string" + "data_type": "string", + "column_name": "Deployment Message", + "column_order": 2 }, { "data_path": "action_result.data.*.deviceList.*", "data_type": "string" } ], + "render": { + "title": "Get Deployment Status", + "type": "table" + }, "versions": "EQ(*)" } ], diff --git a/ciscosecurefirewall_connector.py b/ciscosecurefirewall_connector.py index 4cdb723..13d9d03 100644 --- a/ciscosecurefirewall_connector.py +++ b/ciscosecurefirewall_connector.py @@ -18,8 +18,8 @@ import encryption_helper import phantom.app as phantom import requests -from bs4 import BeautifulSoup import simplejson as json +from bs4 import BeautifulSoup from phantom.action_result import ActionResult from phantom.base_connector import BaseConnector @@ -147,7 +147,7 @@ def authenicate_cloud_fmc(self, config): based on the users region. """ region = config["region"] - api_key = config["cloud_api_key"] + api_key = config["api_key"] self.firepower_host = CLOUD_HOST.format(region=region.lower()) self.headers.update({"Authorization": f"Bearer {api_key}"}) return phantom.APP_SUCCESS @@ -168,7 +168,7 @@ def _get_token(self, action_result): self.refresh_count += 1 self.headers[REFRESH_TOKEN_KEY] = self._state[REFRESH_TOKEN_KEY] self.headers[TOKEN_KEY] = self._state[TOKEN_KEY] - ret_val, headers = self._api_run("post", REFRESH_ENDPOINT, action_result, headers_only=True, first_try=False) + ret_val, headers = self.__make_rest_call("post", REFRESH_ENDPOINT, action_result, headers_only=True, first_try=False) if not phantom.is_fail(ret_val): self.token = headers.get(TOKEN_KEY) self.headers[TOKEN_KEY] = self.token @@ -180,7 +180,7 @@ def _get_token(self, action_result): self.debug_print("Fetching a new token") self.headers.pop(REFRESH_TOKEN_KEY, None) auth = requests.auth.HTTPBasicAuth(self.username, self.password) - ret_val, headers = self._api_run("post", TOKEN_ENDPOINT, action_result, headers_only=True, first_try=True, auth=auth) + ret_val, headers = self.__make_rest_call("post", TOKEN_ENDPOINT, action_result, headers_only=True, first_try=True, auth=auth) if phantom.is_fail(ret_val): self.debug_print(f"Error {ret_val} while generating token with response {headers}") self._reset_state_file() @@ -281,7 +281,7 @@ def _process_response(self, r, action_result): return RetVal(action_result.set_status(phantom.APP_ERROR, msg), None) - def _api_run(self, method, resource, action_result, json_body=None, headers_only=False, first_try=True, params=None, auth=None): + def __make_rest_call(self, method, resource, action_result, json_body=None, headers_only=False, first_try=True, params=None, auth=None): """ This method makes a REST call to the API """ @@ -306,7 +306,7 @@ def _api_run(self, method, resource, action_result, json_body=None, headers_only return action_result.get_status(), None self.debug_print(f"Running url that failed because of token error {resource}") - return self._api_run(method, resource, action_result, json_body, headers_only, first_try=False) + return self.__make_rest_call(method, resource, action_result, json_body, headers_only, first_try=False) message = "Error from server. Status Code: {0} Data from server: {1}".format( result.status_code, result.text.replace("{", "{{").replace("}", "}}") @@ -333,7 +333,7 @@ def _handle_test_connectivity(self, param: Dict[str, Any]) -> bool: self.save_progress("Testing connectivity") url = GET_HOSTS_ENDPOINT.format(domain_id="default") - ret_val, _ = self._api_run("get", url, action_result) + ret_val, _ = self.__make_rest_call("get", url, action_result) if phantom.is_fail(ret_val): self.save_progress("Connectivity test failed") return action_result.get_status() @@ -349,7 +349,7 @@ def get_network_objects_of_type(self, object_type, domain_uuid, action_result, n params = {"limit": limit} while True: params["offset"] = offset - ret_val, response = self._api_run("get", url, action_result, params=params) + ret_val, response = self.__make_rest_call("get", url, action_result, params=params) if phantom.is_fail(ret_val): return action_result.get_status() @@ -399,7 +399,7 @@ def _handle_list_network_objects(self, param: Dict[str, Any]) -> bool: def get_network_object(self, domain_id: int, object_id: int) -> Tuple[bool, Dict[str, Any]]: url = NETWORK_OBJECT_ID_ENDPOINT.format(domain_id=domain_id, type="networks", object_id=object_id) - ret_val, response = self._api_run("get", url, self) + ret_val, response = self.__make_rest_call("get", url, self) return ret_val, response def _handle_create_network_object(self, param: Dict[str, Any]) -> bool: @@ -413,7 +413,7 @@ def _handle_create_network_object(self, param: Dict[str, Any]) -> bool: domain_uuid = self.get_domain_id(param.get("domain_name")) url = NETWORK_OBJECTS_ENDPOINT.format(domain_id=domain_uuid, type=object_type.lower() + "s") - ret_val, response = self._api_run("post", url, action_result, json_body=payload) + ret_val, response = self.__make_rest_call("post", url, action_result, json_body=payload) if phantom.is_fail(ret_val): return action_result.get_status() @@ -430,7 +430,7 @@ def _handle_update_network_object(self, param: Dict[str, Any]) -> bool: domain_uuid = self.get_domain_id(param.get("domain_name")) ret_val, curent_object = self.get_network_object(domain_uuid, object_id) if phantom.is_fail(ret_val): - return action_result.get_status() + return self.get_status() name = param.get("name") or curent_object["name"] object_type = param.get("type") or curent_object["type"] @@ -439,7 +439,7 @@ def _handle_update_network_object(self, param: Dict[str, Any]) -> bool: url = NETWORK_OBJECT_ID_ENDPOINT.format(domain_id=domain_uuid, type=object_type.lower() + "s", object_id=object_id) - ret_val, response = self._api_run("put", url, action_result, json_body=payload) + ret_val, response = self.__make_rest_call("put", url, action_result, json_body=payload) if phantom.is_fail(ret_val): return action_result.get_status() @@ -457,7 +457,7 @@ def _handle_delete_network_object(self, param: Dict[str, Any]) -> bool: domain_uuid = self.get_domain_id(param.get("domain_name")) url = NETWORK_OBJECT_ID_ENDPOINT.format(domain_id=domain_uuid, type=object_type.lower() + "s", object_id=object_id) - ret_val, response = self._api_run("delete", url, action_result) + ret_val, response = self.__make_rest_call("delete", url, action_result) if phantom.is_fail(ret_val): return action_result.get_status() @@ -493,7 +493,7 @@ def _handle_get_network_groups(self, param: Dict[str, Any]) -> bool: params = {"limit": limit, "expanded": True} while True: params["offset"] = offset - ret_val, response = self._api_run("get", url, action_result, params=params) + ret_val, response = self.__make_rest_call("get", url, action_result, params=params) if phantom.is_fail(ret_val): return action_result.get_status() @@ -523,14 +523,17 @@ def _handle_create_network_group(self, param: Dict[str, Any]) -> bool: action_result = self.add_action_result(ActionResult(dict(param))) group_name = param["name"] - object_ids = param["network_object_ids"] + object_ids = param.get("network_object_ids", "") objects = [{"id": item.strip()} for item in object_ids.split(",") if item.strip()] - payload = {"name": group_name, "type": "NetworkGroup", "objects": objects} + overridable = param.get("overridable", False) + payload = {"name": group_name, "type": "NetworkGroup", "overridable": overridable} + if objects: + payload["objects"] = objects domain_uuid = self.get_domain_id(param.get("domain_name")) url = NETWORK_GROUPS_ENDPOINT.format(domain_id=domain_uuid) - ret_val, response = self._api_run("post", url, action_result, json_body=payload) + ret_val, response = self.__make_rest_call("post", url, action_result, json_body=payload) if phantom.is_fail(ret_val): return action_result.get_status() @@ -541,7 +544,7 @@ def _handle_create_network_group(self, param: Dict[str, Any]) -> bool: def get_network_group(self, domain_uuid, group_id): url = NETWORK_GROUPS_ID_ENDPOINT.format(domain_id=domain_uuid, group_id=group_id) - ret_val, response = self._api_run("get", url, self) + ret_val, response = self.__make_rest_call("get", url, self) return ret_val, response def _handle_update_network_group(self, param: Dict[str, Any]) -> bool: @@ -570,7 +573,7 @@ def _handle_update_network_group(self, param: Dict[str, Any]) -> bool: resp["objects"] = objects update_url = NETWORK_GROUPS_ID_ENDPOINT.format(domain_id=domain_uuid, group_id=group_id) - ret_val, response = self._api_run("put", update_url, action_result, json_body=resp) + ret_val, response = self.__make_rest_call("put", update_url, action_result, json_body=resp) if phantom.is_fail(ret_val): return action_result.get_status() @@ -588,7 +591,7 @@ def _handle_delete_network_group(self, param): domain_uuid = self.get_domain_id(param.get("domain_name")) update_url = NETWORK_GROUPS_ID_ENDPOINT.format(domain_id=domain_uuid, group_id=group_id) - ret_val, response = self._api_run("delete", update_url, action_result) + ret_val, response = self.__make_rest_call("delete", update_url, action_result) if phantom.is_fail(ret_val): return action_result.get_status() @@ -609,7 +612,7 @@ def _handle_get_access_policies(self, param): params = {"limit": limit} while True: params["offset"] = offset - ret_val, response = self._api_run("get", url, action_result, params=params) + ret_val, response = self.__make_rest_call("get", url, action_result, params=params) if phantom.is_fail(ret_val): return action_result.get_status() @@ -644,7 +647,7 @@ def _handle_create_access_policy(self, param: Dict[str, Any]) -> bool: payload["description"] = param["description"] url = ACCESS_POLICY_ENDPOINT.format(domain_id=domain_uuid) - ret_val, response = self._api_run("post", url, action_result, json_body=payload) + ret_val, response = self.__make_rest_call("post", url, action_result, json_body=payload) if phantom.is_fail(ret_val): return action_result.get_status() @@ -655,7 +658,7 @@ def _handle_create_access_policy(self, param: Dict[str, Any]) -> bool: def get_access_policy(self, domain_uuid, policy_id): url = ACCESS_POLICY_ID_ENDPOINT.format(domain_id=domain_uuid, policy_id=policy_id) - ret_val, response = self._api_run("get", url, self) + ret_val, response = self.__make_rest_call("get", url, self) return ret_val, response def _handle_update_access_policy(self, param): @@ -689,7 +692,7 @@ def _handle_update_access_policy(self, param): url = ACCESS_POLICY_ID_ENDPOINT.format(domain_id=domain_uuid, policy_id=policy_id) print(f"payload is {payload}") - ret_val, response = self._api_run("put", url, action_result, json_body=payload) + ret_val, response = self.__make_rest_call("put", url, action_result, json_body=payload) if phantom.is_fail(ret_val): return action_result.get_status() print(f"updated policy with {response}") @@ -707,7 +710,7 @@ def _handle_delete_access_policy(self, param: Dict[str, Any]) -> bool: policy_id = param["policy_id"] url = ACCESS_POLICY_ID_ENDPOINT.format(domain_id=domain_uuid, policy_id=policy_id) - ret_val, response = self._api_run("delete", url, action_result) + ret_val, response = self.__make_rest_call("delete", url, action_result) if phantom.is_fail(ret_val): return action_result.get_status() @@ -741,7 +744,7 @@ def _handle_get_access_rules(self, param: Dict[str, Any]) -> bool: params = {"limit": limit} while True: params["offset"] = offset - ret_val, response = self._api_run("get", url, action_result, params=params) + ret_val, response = self.__make_rest_call("get", url, action_result, params=params) if phantom.is_fail(ret_val): return action_result.get_status() @@ -812,7 +815,7 @@ def _handle_create_access_rules(self, param: Dict[str, Any]) -> bool: rule_payload["destinationNetworks"]["objects"] = destination_networks_objects url = ACCESS_RULES_ENDPOINT.format(domain_id=domain_uuid, policy_id=policy_id) - ret_val, response = self._api_run("post", url, action_result, json_body=rule_payload) + ret_val, response = self.__make_rest_call("post", url, action_result, json_body=rule_payload) if phantom.is_fail(ret_val): return action_result.get_status() @@ -823,7 +826,7 @@ def _handle_create_access_rules(self, param: Dict[str, Any]) -> bool: def get_access_control_rule(self, domain_id: str, policy_id: str, rule_id: str) -> Tuple[bool, Dict[str, Any]]: url = ACCESS_RULES_ID_ENDPOINT.format(domain_id=domain_id, policy_id=policy_id, rule_id=rule_id) - ret_val, response = self._api_run("get", url, self) + ret_val, response = self.__make_rest_call("get", url, self) return ret_val, response def _handle_update_access_rule(self, param: Dict[str, Any]) -> bool: @@ -886,7 +889,7 @@ def _handle_update_access_rule(self, param: Dict[str, Any]) -> bool: rule_payload["destinationNetworks"] = {"objects": filtered_destination_networks} url = ACCESS_RULES_ID_ENDPOINT.format(domain_id=domain_uuid, policy_id=policy_id, rule_id=rule_id) - ret_val, response = self._api_run("put", url, action_result, json_body=rule_payload) + ret_val, response = self.__make_rest_call("put", url, action_result, json_body=rule_payload) if phantom.is_fail(ret_val): return action_result.get_status() @@ -906,7 +909,7 @@ def _handle_delete_access_rule(self, param: Dict[str, Any]) -> bool: policy_id = param["policy_id"] url = ACCESS_RULES_ID_ENDPOINT.format(domain_id=domain_uuid, policy_id=policy_id, rule_id=rule_id) - ret_val, response = self._api_run("delete", url, action_result) + ret_val, response = self.__make_rest_call("delete", url, action_result) if phantom.is_fail(ret_val): return action_result.get_status() @@ -928,7 +931,7 @@ def _handle_list_devices(self, param: Dict[str, Any]) -> bool: params = {"limit": limit} while True: params["offset"] = offset - ret_val, response = self._api_run("get", url, action_result, params=params) + ret_val, response = self.__make_rest_call("get", url, action_result, params=params) if phantom.is_fail(ret_val): return action_result.get_status() @@ -959,7 +962,7 @@ def get_deployable_devices(self, domain_id: str) -> Tuple[bool, Any]: params = {"limit": limit, "expanded": True} while True: params["offset"] = offset - ret_val, response = self._api_run("get", url, self, params=params) + ret_val, response = self.__make_rest_call("get", url, self, params=params) if phantom.is_fail(ret_val): return phantom.APP_ERROR, [] @@ -1019,7 +1022,7 @@ def _handle_deploy_devices(self, param: Dict[str, Any]) -> bool: url = DEPLOY_DEVICES_ENDPOINT.format(domain_id=domain_uuid) body = {"type": "DeploymentRequest", "version": "0", "forceDeploy": True, "ignoreWarning": True, "deviceList": devices_to_deploy} - ret_val, response = self._api_run("post", url, action_result, body) + ret_val, response = self.__make_rest_call("post", url, action_result, body) if phantom.is_fail(ret_val): return action_result.get_status() @@ -1038,7 +1041,7 @@ def _handle_get_deployment_status(self, param: Dict[str, Any]) -> bool: deployment_id = param["deployment_id"] url = DEPLOYMENT_STATUS_ENDPOINT.format(domain_id=domain_uuid, task_id=deployment_id) - ret_val, response = self._api_run("get", url, action_result) + ret_val, response = self.__make_rest_call("get", url, action_result) if phantom.is_fail(ret_val): return action_result.get_status() @@ -1058,7 +1061,7 @@ def handle_action(self, param): if action_id == "test_connectivity": ret_val = self._handle_test_connectivity(param) - elif action_id == "list_network_ojects": + elif action_id == "list_network_objects": self._handle_list_network_objects(param) elif action_id == "create_network_object": self._handle_create_network_object(param)