Skip to content

Latest commit

 

History

History
155 lines (141 loc) · 4.17 KB

CONFIG_README.md

File metadata and controls

155 lines (141 loc) · 4.17 KB

Example config file: link

Config sections:

Prisma Cloud config

There are also for requests the following options as bundles:

    "stable": ['getPrismaStatus', 'getPrismaUsers', 'getPrismaSA', 'getPrismaAuditLogs', 'getPrismaPolicies', 'getPrismaCompliance', 'getPrismaPolicyCompliance','getPrismaConnClouds', 'getPrismaSSOBypass', 'getPrismaAlerts'],
    "beta": ['getPrismaStatus', 'getPrismaUsers', 'getPrismaSA', 'getPrismaAuditLogs', 'getPrismaPolicies', 'getPrismaCompliance', 'getPrismaPolicyCompliance', 'getPrismaConnClouds', 'getPrismaSSOBypass', 'getPrismaAlerts','getPrismaResourceLists','getPrismaResourceScans'],
    "PrismaCloud": [
        {
            "credentials": {
                "api": "https://api.prismacloud.io",
                "ApiID": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
                "ApiSecretKey": "xxxxxxxxxxxxxxxxxxxxxxxxxxxx"
            },
            "requests": [
                "getPrismaUsers",
                "getPrismaSA",
                "getPrismaAuditLogs",
                "getPrismaPolicies",
                "getPrismaCompliance",
                "getPrismaPolicyCompliance",
                "getPrismaAlerts",
                "getPrismaConnClouds", 
                "getPrismaSSOBypass",
                "getPrismaInventoryTag",
                "getPrismaResourceScans",
                "getPrismaInventoryFilters"
            ],
            "tag":"Credentials identifier tag"
        }
    ],

Qualys config

    "Qualys": [
        {
            "credentials": {
                "api": "https://qualysapi.qualys.com",
                "username": "XXXXXXXXXX",
                "password": "XXXXXXXXXX"
            },
            "requests": [
                "get_assets"
            ],
            "tag":"Credentials identifier tag"
        }
    ],

GCP config

    "GCP": [
        {
            "credentials": {
                "GOOGLE_APPLICATION_CREDENTIALS": "./SA_File.json",
                "ORG_ID": "xxxxxxxxxxxx"
            },
            "requests": [
                "getGCPVMs",
                "getGCPProjects",
                "getGCPAssets",
                "getGCPFindings",
                "getGCPLicense",
                "getGCPIP"
            ],
            "tag":"Credentials identifier tag"
        }
    ],

Output config file

"output": [
    {
        "report": "JSON",
        "path": "./local"
    },
    {
        "report": "CSV",
        "path": "./local"
    },
    {
        "report": "JSON",
        "path": "./local"
    }
]

Output config mysql

"output": [
    {
        "report": "MYSQL",
        "path": "mysql://root:my-secret-pw@localhost:3306/Mars"
    }
]

Convertor config

   "convertor": [
        {
            "type": "csvToXLSX",
            "path": "/root/Mars/output/",
            "outputPath":"/root/Mars/output2/"
        },
        {
            "type": "jsonToXLSX",
            "path": "/root/Mars/output/",
            "outputPath":"/root/Mars/output2/"
        }
    ]

Publisher config

If there are multiple entries in publish - they shouldn't be of the same repository and same branch - because the code will be executed async - and that will introduce overhead during the runtime as such the second entry will diverge from the time it cloned the repo to the moment of the push, because most likely the first entry will run first.

"publish": [
   {
            "type": "git",
            "auth":"ssh",
            "url": "git@github.com:sjultra/secret-repo.git",
            "path": "/root/Mars/output/",
            "branch": "main"
        },
        {
            "type": "git",
            "auth":"pat",
            "url": "github.com/sjultra/secret-repo",
            "user": "sjultra",
            "key": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
            "path": "/root/Mars/output/",
            "branch": "main"
        }
]