IPAM 1.0.3
- Updated on 28 Mar 2023
tags: Python | Enrichment | IPAM | OpenWISP | Subnet | Internal IP
Description
Integration with OpenWISP IPAM supports CDC users by providing enrichments for internal IPs via REST API. This enables CDC users to make informed decisions regarding incident response.
OpenWISP IPAM is the IP address space administration module of OpenWISP.
CyberProof provides CLI commands to cater to different user actions, such as:
• Create IP, enrich IP, update IP, delete IP
• Create subnet, create subnet through CSV
• Enrich host, enrich subnet
• Create organization, delete organization, get organization list
CyberProof also provides a custom input adaptive card form for IP, subnet, and organization operations, so that a CDC user can perform these actions on IPAM and get the required information in the CDC. Custom adaptive cards are used extensively to display the enriched information in the CDC.
Integration Type: | Enrichment |
Information read: | IP, Subnet, Organization details |
API Supported: | Rest APIs |
Input: | Details required to Create, Enrich, Update, Delete IP or Subnet or Organization |
Output: | Detailed enriched information about the IP, Subnet, or Organization provided in Input |
Customer Configuration
No specific configuration required at the customer end.
CDC Command Lines
* **create_ip_cli**
Create IP address
Option | Type | Description | Required |
---|---|---|---|
ip | string | IP address (IPv4 or IPv6) | True |
subnet | string | subnet where IP needs | True |
internet_facing | boolean | internet facing. | False |
host_name | string | IP address name. | False |
description | string | IP address description. | False |
critical_asset | string | critical asset can be in range 1-5. | False |
* **create_subnet_cli**
Create subnet address.
Option | Type | Description | Required |
---|---|---|---|
subnet | string | text file to upload for adding subnet | True |
subnet_name | string | name of the subnet | True |
description | string | description of the subnet | False |
* **import_subnet_cli**
This CDC CLI is used to upload a file from the CDC to the IPAM client server. Note the following:
1. At least one of use case config or rule config file name needs to be mentioned.
2. Input files for this CLI must be in ".csv" format only.
3. Input 'overwrite' must be a boolean value (true/false).
4. While running the CLI, enter the Incident ID or Channel ID or Alert ID (in CDC version < 2.2).
Option | Type | Description | Required |
---|---|---|---|
subnet_file | string | subnet import file name | False |
* **ip_operation_form_cli**
Populates form to handle IP operation.
Option | Type | Description | Required |
---|---|---|---|
* **subnet_operation_form_cli**
Populates form to handle subnet operation.
Option | Type | Description | Required |
---|---|---|---|
* **update_ip_cli**
Update IP address.
Option | Type | Description | Required |
---|---|---|---|
ip | string | IP address. | True |
host_name | string | IP address name. | False |
description | string | IP address description. | False |
internet_facing | boolean | internet facing. | False |
critical_asset | string | Critical asset can be in range 1-5. | False |
* **update_subnet_cli**
Update subnet address.
Option | Type | Description | Required |
---|---|---|---|
subnet | string | text file to upload for adding subnet | True |
subnet_name | string | name of the subnet | True |
description | string | description of the subnet | False |
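A pre-flight check for `create_ip_cli` inputs, as an added example (not CyberProof or OpenWISP code): it applies the constraints from the `create_ip_cli` option table before a record is created, so that bad asset data does not end up in enrichment results. The function name, the dict-shaped input, the CIDR form of `subnet`, and the rule that the IP must fall inside the given subnet are assumptions made for illustration.

```python
import ipaddress

# Options marked Required = True in the create_ip_cli table.
REQUIRED = ("ip", "subnet")


def validate_create_ip(options):
    """Return a list of problems in a dict of create_ip_cli options (empty list = OK).

    Hypothetical helper: the CDC does not expose a function with this name.
    """
    errors = [f"missing required option: {k}" for k in REQUIRED if not options.get(k)]
    if errors:
        return errors
    try:
        ip = ipaddress.ip_address(options["ip"])  # accepts IPv4 and IPv6
    except ValueError:
        return [f"ip is not a valid IPv4/IPv6 address: {options['ip']!r}"]
    try:
        # strict=True rejects a CIDR with host bits set, e.g. 10.0.0.5/24.
        net = ipaddress.ip_network(options["subnet"], strict=True)
    except ValueError:
        return [f"subnet is not a valid CIDR: {options['subnet']!r}"]
    if ip.version != net.version:
        errors.append("ip and subnet are different IP versions")
    elif ip not in net:
        # Assumption: the address must belong to the subnet it is filed under.
        errors.append(f"{ip} is not inside {net}")
    facing = options.get("internet_facing")
    if facing is not None and not isinstance(facing, bool):
        errors.append("internet_facing must be a boolean")
    crit = options.get("critical_asset")
    # The table types critical_asset as a string with range 1-5.
    if crit is not None and str(crit) not in {"1", "2", "3", "4", "5"}:
        errors.append("critical_asset must be in range 1-5")
    return errors


if __name__ == "__main__":
    # Constructed sample inputs, not taken from a real deployment.
    samples = [
        {"ip": "10.20.30.40", "subnet": "10.20.30.0/24", "critical_asset": "3"},
        {"ip": "10.20.31.40", "subnet": "10.20.30.0/24", "critical_asset": "7"},
        {"ip": "fd00::10", "subnet": "10.20.30.0/24", "internet_facing": "no"},
    ]
    for s in samples:
        print(s, "->", validate_create_ip(s) or "OK")
```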
Workflows
* **get_file_content_subworkflow**
This workflow is used to get the content of the yaml file attached to a CDC incident, alert, or channel.
* **post_create_organization**
Post create-organization in the CDC, by the ID of the incident/message/channel.
* **post_delete_ip**
Post delete-ip in the CDC, by the ID of the incident/message/channel.
* **post_delete_organization**
Post delete-organization in the CDC, by the ID of the incident/message/channel.
* **post_delete_subnet**
Post delete-subnet in the CDC, by the ID of the incident/message/channel.
* **post_enrich_host**
Post enrich-host in the CDC, by the ID of the incident/message/channel.
* **post_enrich_ip**
Post enrich-ip in the CDC, by the ID of the incident/message/channel.
Rules
No rules
Sensors
No sensors
Triggers
No triggers
Known Issues
No known issues