diff --git a/ciscosecurefirewall.json b/ciscosecurefirewall.json index 5b4b284..cfaacb7 100644 --- a/ciscosecurefirewall.json +++ b/ciscosecurefirewall.json @@ -56,9 +56,9 @@ "data_type": "string", "order": 4 }, - "cloud_api_key": { + "api_key": { "description": "Api key for cloud delivered FMC", - "data_type": "string", + "data_type": "password", "order": 5 }, "region": { @@ -140,18 +140,24 @@ }, { "data_path": "action_result.data.*.id", - "data_type": "string" + "data_type": "string", + "column_order": 0, + "column_name": "Object Id" }, { "data_path": "action_result.data.*.name", - "data_type": "string" + "data_type": "string", + "column_name": "Object Name", + "column_order": 1 }, { "data_path": "action_result.data.*.type", "data_type": "string", "example_values": [ "Network" - ] + ], + "column_name": "Object Type", + "column_order": 2 }, { "data_path": "action_result.data.*.links.self", @@ -162,6 +168,10 @@ "data_type": "string" } ], + "render": { + "title": "Network Objects", + "type": "table" + }, "versions": "EQ(*)" }, { @@ -231,18 +241,24 @@ }, { "data_path": "action_result.data.*.id", - "data_type": "string" + "data_type": "string", + "column_order": 0, + "column_name": "Object Id" }, { "data_path": "action_result.data.*.name", - "data_type": "string" + "data_type": "string", + "column_name": "Object Name", + "column_order": 1 }, { "data_path": "action_result.data.*.type", "data_type": "string", "example_values": [ "Network" - ] + ], + "column_name": "Object Type", + "column_order": 2 }, { "data_path": "action_result.data.*.links.self", @@ -254,7 +270,9 @@ }, { "data_path": "action_result.data.*.value", - "data_type": "string" + "data_type": "string", + "column_name": "Object Value", + "column_order": 3 }, { "data_path": "action_result.data.*.metadata.domain.id", @@ -289,6 +307,10 @@ "data_type": "boolean" } ], + "render": { + "title": "Create Network Object", + "type": "table" + }, "versions": "EQ(*)" }, { @@ -365,18 +387,24 @@ }, { "data_path": "action_result.data.*.id", - "data_type": "string" + "data_type": "string", + "column_name": "Object Id", + "column_order": 0 }, { "data_path": "action_result.data.*.name", - "data_type": "string" + "data_type": "string", + "column_name": "Object Name", + "column_order": 1 }, { "data_path": "action_result.data.*.type", "data_type": "string", "example_values": [ "Network" - ] + ], + "column_name": "Object Type", + "column_order": 2 }, { "data_path": "action_result.data.*.links.self", @@ -388,7 +416,9 @@ }, { "data_path": "action_result.data.*.value", - "data_type": "string" + "data_type": "string", + "column_name": "Object Value", + "column_order": 3 }, { "data_path": "action_result.data.*.metadata.domain.id", @@ -423,6 +453,10 @@ "data_type": "boolean" } ], + "render": { + "title": "Update Network Object", + "type": "table" + }, "versions": "EQ(*)" }, @@ -480,8 +514,79 @@ { "data_path": "action_result.parameter.domain_name", "data_type": "string" + }, + { + "data_path": "action_result.data.*.id", + "data_type": "string", + "column_name": "Object Id", + "column_order": 0 + }, + { + "data_path": "action_result.data.*.name", + "data_type": "string", + "column_name": "Object Name", + "column_order": 1 + }, + { + "data_path": "action_result.data.*.type", + "data_type": "string", + "example_values": [ + "Network" + ], + "column_name": "Object Type", + "column_order": 2 + }, + { + "data_path": "action_result.data.*.links.self", + "data_type": "string" + }, + { + "data_path": "action_result.data.*.links.parent", + "data_type": "string" + }, + { + "data_path": "action_result.data.*.value", + "data_type": "string", + "column_name": "Object Value", + "column_order": 3 + }, + { + "data_path": "action_result.data.*.metadata.domain.id", + "data_type": "string" + }, + { + "data_path": "action_result.data.*.metadata.domain.name", + "data_type": "string" + }, + { + "data_path": "action_result.data.*.metadata.domain.type", + "data_type": "string" + }, + { + "data_path": "action_result.data.*.metadata.ipType", + "data_type": "string" + }, + { + "data_path": "action_result.data.*.metadata.domain.lastUser.name", + "data_type": "string" + }, + { + "data_path": "action_result.data.*.metadata.domain.timestamp", + "data_type": "numeric" + }, + { + "data_path": "action_result.data.*.metadata.domain.parentType", + "data_type": "string" + }, + { + "data_path": "action_result.data.*.metadata.overridable", + "data_type": "boolean" } ], + "render": { + "title": "Delete Network Object", + "type": "table" + }, "versions": "EQ(*)" }, { @@ -521,13 +626,21 @@ }, { "data_path": "action_result.data.*.uuid", - "data_type": "string" + "data_type": "string", + "column_name": "Group Id", + "column_order": 0 }, { "data_path": "action_result.data.*.name", - "data_type": "string" + "data_type": "string", + "column_name": "Group Name", + "column_order": 1 } ], + "render": { + "title": "Network Groups", + "type": "table" + }, "versions": "EQ(*)" }, { @@ -549,13 +662,18 @@ "example_values": [ "b2df29e8-5e6f-4c5d-9d5e-3fa9b3c9467b, a1c2f7d9-4b5e-42b1-8d9f-2f6b4a8e5e3c" ], - "required": true, "order": 1 }, + "overridable": { + "data_type": "boolean", + "description": "Changes to this won't affect parent policies or configurations", + "order": 2, + "default": false + }, "domain_name": { "description": "Firepower Domain. If none is specified the default domain will be queried", "data_type": "string", - "order": 2 + "order": 3 } }, "output": [ @@ -584,11 +702,15 @@ }, { "data_path": "action_result.data.*.id", - "data_type": "string" + "data_type": "string", + "column_name": "Group Id", + "column_order": 0 }, { "data_path": "action_result.data.*.name", - "data_type": "string" + "data_type": "string", + "column_name": "Group Name", + "column_order": 1 }, { "data_path": "action_result.data.*.type", @@ -645,6 +767,10 @@ "data_type": "boolean" } ], + "render": { + "title": "Create Network Group", + "type": "table" + }, "versions": "EQ(*)" }, { @@ -724,11 +850,15 @@ }, { "data_path": "action_result.data.*.id", - "data_type": "string" + "data_type": "string", + "column_name": "Group Id", + "column_order": 0 }, { "data_path": "action_result.data.*.name", - "data_type": "string" + "data_type": "string", + "column_name": "Group Name", + "column_order": 1 }, { "data_path": "action_result.data.*.type", @@ -785,6 +915,10 @@ "data_type": "boolean" } ], + "render": { + "title": "Update Network Group", + "type": "table" + }, "versions": "EQ(*)" }, { @@ -825,11 +959,15 @@ }, { "data_path": "action_result.data.*.id", - "data_type": "string" + "data_type": "string", + "column_name": "Group Id", + "column_order": 0 }, { "data_path": "action_result.data.*.name", - "data_type": "string" + "data_type": "string", + "column_name": "Group Name", + "column_order": 1 }, { "data_path": "action_result.data.*.type", @@ -886,6 +1024,10 @@ "data_type": "boolean" } ], + "render": { + "title": "Delete Network Group", + "type": "table" + }, "versions": "EQ(*)" }, { @@ -919,16 +1061,24 @@ "data_type": "string", "example_values": [ "new-policy" - ] + ], + "column_name": "Policy Name", + "column_order": 0 }, { "data_path": "action_result.data.*.policy_id", "data_type": "string", "example_values": [ "00000000-0000-0ed3-0000-012884902138" - ] + ], + "column_name": "Policy Id", + "column_order": 1 } ], + "render": { + "title": "Access Control Policies", + "type": "table" + }, "versions": "EQ(*)" }, { @@ -955,9 +1105,7 @@ "required": true, "value_list": [ "ALLOW", - "BLOCK", - "TRUST", - "MONITOR" + "TRUST" ], "order": 2 }, @@ -994,14 +1142,18 @@ }, { "data_path": "action_result.data.*.id", - "data_type": "string" + "data_type": "string", + "column_order": 0, + "column_name": "Policy Id" }, { "data_path": "action_result.data.*.name", "data_type": "string", "example_values": [ "new-policy" - ] + ], + "column_name": "Policy Name", + "column_order": 1 }, { "data_path": "action_result.data.*.type", @@ -1033,6 +1185,10 @@ "data_type": "string" } ], + "render": { + "title": "Create Access Control Policies", + "type": "table" + }, "versions": "EQ(*)" }, { @@ -1106,14 +1262,18 @@ }, { "data_path": "action_result.data.*.id", - "data_type": "string" + "data_type": "string", + "column_name": "Policy Id", + "column_order": 0 }, { "data_path": "action_result.data.*.name", "data_type": "string", "example_values": [ "new-policy" - ] + ], + "column_name": "Policy Name", + "column_order": 1 }, { "data_path": "action_result.data.*.type", @@ -1160,9 +1320,15 @@ "data_type": "string", "example_values": [ "BLOCK" - ] + ], + "column_name": "Policy Action", + "column_order": 2 } ], + "render": { + "title": "Update Access Control Policies", + "type": "table" + }, "versions": "EQ(*)" }, { @@ -1215,14 +1381,18 @@ }, { "data_path": "action_result.data.*.id", - "data_type": "string" + "data_type": "string", + "column_name": "Policy Id", + "column_order": 0 }, { "data_path": "action_result.data.*.name", "data_type": "string", "example_values": [ "new-policy" - ] + ], + "column_name": "Policy Name", + "column_order": 1 }, { "data_path": "action_result.data.*.type", @@ -1251,7 +1421,9 @@ }, { "data_path": "action_result.data.*.description", - "data_type": "string" + "data_type": "string", + "column_name": "Policy Description", + "column_order": 2 }, { "data_path": "action_result.data.*.defaultAction.id", @@ -1269,7 +1441,9 @@ "data_type": "string", "example_values": [ "BLOCK" - ] + ], + "column_name": "Policy Action", + "column_order": 3 }, { "data_path": "action_result.data.*.securityIntelligence.id", @@ -1287,6 +1461,10 @@ "data_type": "string" } ], + "render": { + "title": "Delete Access Control Policies", + "type": "table" + }, "versions": "EQ(*)" }, { @@ -1332,16 +1510,24 @@ }, { "data_path": "action_result.data.*.id", - "data_type": "string" + "data_type": "string", + "column_name": "Rule Id", + "column_order": 0 }, { "data_path": "action_result.data.*.name", "data_type": "string", "example_values": [ - "new-policy" - ] + "new-rule" + ], + "column_name": "Rule Name", + "column_order": 1 } ], + "render": { + "title": "Access Control Rules", + "type": "table" + }, "versions": "EQ(*)" }, { @@ -1445,11 +1631,15 @@ }, { "data_path": "action_result.data.*.id", - "data_type": "string" + "data_type": "string", + "column_name": "Rule Id", + "column_order": 0 }, { "data_path": "action_result.data.*.name", - "data_type": "string" + "data_type": "string", + "column_name": "Rule Name", + "column_order": 1 }, { "data_path": "action_result.data.*.type", @@ -1467,7 +1657,9 @@ "data_type": "string", "example_values": [ "BLOCK" - ] + ], + "column_name": "Rule Action", + "column_order": 2 }, { "data_path": "action_result.data.*.logEnd", @@ -1475,7 +1667,9 @@ }, { "data_path": "action_result.data.*.enabled", - "data_type": "boolean" + "data_type": "boolean", + "column_name": "Enabled", + "column_order": 3 }, { "data_path": "action_result.data.*.logBegin", @@ -1541,6 +1735,7 @@ { "data_path": "action_result.data.*.destinationNetworks.objects.*.id", "data_type": "string" + }, { "data_path": "action_result.data.*.destinationNetworks.objects.*.name", @@ -1558,6 +1753,10 @@ "data_type": "boolean" } ], + "render": { + "title": "Create Access Control Rules", + "type": "table" + }, "versions": "EQ(*)" }, { @@ -1692,11 +1891,15 @@ }, { "data_path": "action_result.data.*.id", - "data_type": "string" + "data_type": "string", + "column_name": "Rule Id", + "column_order": 0 }, { "data_path": "action_result.data.*.name", - "data_type": "string" + "data_type": "string", + "column_name": "Rule Name", + "column_order": 1 }, { "data_path": "action_result.data.*.type", @@ -1714,7 +1917,9 @@ "data_type": "string", "example_values": [ "BLOCK" - ] + ], + "column_name": "Rule Action", + "column_order": 2 }, { "data_path": "action_result.data.*.logEnd", @@ -1722,7 +1927,9 @@ }, { "data_path": "action_result.data.*.enabled", - "data_type": "boolean" + "data_type": "boolean", + "column_name": "Enabled", + "column_order": 3 }, { "data_path": "action_result.data.*.logBegin", @@ -1823,6 +2030,10 @@ "data_type": "boolean" } ], + "render": { + "title": "Update Access Control Rules", + "type": "table" + }, "versions": "EQ(*)" }, { @@ -1873,11 +2084,15 @@ }, { "data_path": "action_result.data.*.id", - "data_type": "string" + "data_type": "string", + "column_name": "Rule Id", + "column_order": 0 }, { "data_path": "action_result.data.*.name", - "data_type": "string" + "data_type": "string", + "column_name": "Rule Name", + "column_order": 1 }, { "data_path": "action_result.data.*.type", @@ -2004,6 +2219,10 @@ "data_type": "boolean" } ], + "render": { + "title": "Delete Access Control Rules", + "type": "table" + }, "versions": "EQ(*)" }, { @@ -2034,21 +2253,34 @@ }, { "data_path": "action_result.data.*.id", - "data_type": "string" + "data_type": "string", + "column_name": "Device Id", + "column_order": 0 }, { "data_path": "action_result.data.*.name", - "data_type": "string" + "data_type": "string", + "column_name": "Device Name", + "column_order": 1 }, { "data_path": "action_result.data.*.type", - "data_type": "string" + "data_type": "string", + "example_values": [ + "SENSOR" + ], + "column_name": "Device Type", + "column_order": 2 }, { "data_path": "action_result.data.*.links.self", "data_type": "string" } ], + "render": { + "title": "List Devices", + "type": "table" + }, "versions": "EQ(*)" }, { @@ -2079,20 +2311,30 @@ }, { "data_path": "action_result.data.*.id", - "data_type": "string" + "data_type": "string", + "column_name": "Device Id", + "column_order": 0 }, { "data_path": "action_result.data.*.name", - "data_type": "string" + "data_type": "string", + "column_name": "Device Name", + "column_order": 1 }, { "data_path": "action_result.data.*.type", "data_type": "string", "example_values": [ "SENSOR" - ] + ], + "column_name": "Device Type", + "column_order": 2 } ], + "render": { + "title": "Get Deployable Devices", + "type": "table" + }, "versions": "EQ(*)" }, { @@ -2139,7 +2381,9 @@ }, { "data_path": "action_result.data.*.version", - "data_type": "string" + "data_type": "string", + "column_name": "Version", + "column_order": 0 }, { "data_path": "action_result.data.*.metadata.task.id", @@ -2154,9 +2398,15 @@ }, { "data_path": "action_result.data.*.deviceList.*", - "data_type": "string" + "data_type": "string", + "column_name": "Devices", + "column_order": 1 } ], + "render": { + "title": "Deploy Devices", + "type": "table" + }, "versions": "EQ(*)" }, { @@ -2200,7 +2450,9 @@ "data_type": "string", "example_values": [ "DeploymentRequest" - ] + ], + "column_name": "Deployment Id", + "column_order": 0 }, { "data_path": "action_result.data.*.task", @@ -2215,17 +2467,25 @@ "example_values": [ "Deploying", "Deployed" - ] + ], + "column_name": "Deployment Status", + "column_order": 1 }, { "data_path": "action_result.data.*.message", - "data_type": "string" + "data_type": "string", + "column_name": "Deployment Message", + "column_order": 2 }, { "data_path": "action_result.data.*.deviceList.*", "data_type": "string" } ], + "render": { + "title": "Get Deployment Status", + "type": "table" + }, "versions": "EQ(*)" } ], diff --git a/ciscosecurefirewall_connector.py b/ciscosecurefirewall_connector.py index 4cdb723..ce19c0c 100644 --- a/ciscosecurefirewall_connector.py +++ b/ciscosecurefirewall_connector.py @@ -18,8 +18,8 @@ import encryption_helper import phantom.app as phantom import requests -from bs4 import BeautifulSoup import simplejson as json +from bs4 import BeautifulSoup from phantom.action_result import ActionResult from phantom.base_connector import BaseConnector @@ -147,7 +147,7 @@ def authenicate_cloud_fmc(self, config): based on the users region. """ region = config["region"] - api_key = config["cloud_api_key"] + api_key = config["api_key"] self.firepower_host = CLOUD_HOST.format(region=region.lower()) self.headers.update({"Authorization": f"Bearer {api_key}"}) return phantom.APP_SUCCESS @@ -430,7 +430,7 @@ def _handle_update_network_object(self, param: Dict[str, Any]) -> bool: domain_uuid = self.get_domain_id(param.get("domain_name")) ret_val, curent_object = self.get_network_object(domain_uuid, object_id) if phantom.is_fail(ret_val): - return action_result.get_status() + return self.get_status() name = param.get("name") or curent_object["name"] object_type = param.get("type") or curent_object["type"] @@ -523,9 +523,12 @@ def _handle_create_network_group(self, param: Dict[str, Any]) -> bool: action_result = self.add_action_result(ActionResult(dict(param))) group_name = param["name"] - object_ids = param["network_object_ids"] + object_ids = param.get("network_object_ids", "") objects = [{"id": item.strip()} for item in object_ids.split(",") if item.strip()] - payload = {"name": group_name, "type": "NetworkGroup", "objects": objects} + overridable = param.get("overridable", False) + payload = {"name": group_name, "type": "NetworkGroup", "overridable": overridable} + if objects: + payload["objects"] = objects domain_uuid = self.get_domain_id(param.get("domain_name")) url = NETWORK_GROUPS_ENDPOINT.format(domain_id=domain_uuid)