Azure Storage Container
This Integration is part of the Azure Storage Container Pack.#
Supported versions
Supported Cortex XSOAR versions: 6.0.0 and later.
Azure Storage Container#
Create and Manage Azure Storage Container services. This integration was integrated and tested with version "2020-10-02" of Azure Storage Container
Configure Azure Storage Container on Cortex XSOAR#
Navigate to Settings > Integrations > Servers & Services.
Search for Azure Storage Container.
Click Add instance to create and configure a new integration instance.
Parameter Required Storage account name True Account SAS Token False Use Azure Managed Identities False Azure Managed Identities Client ID False Shared Key False Use system proxy settings False Trust any certificate (not secure) False Click Test to validate the URLs, token, and connection.
## Shared Access Signatures Information (SAS)#
- The required SAS token for this integration should be taken at the storage account level and not at container level.
Shared Access Signatures (SAS) Permissions#
In order to use the integration use-cases, please make sure your SAS token contains the following permissions:
- 'Blob' and 'File' service.
- 'Service', 'Container' and 'Object' resource types.
- 'Read', 'Write', 'Delete', 'List', 'Create', 'Add', 'Update' and 'Immutable storage' permissions.
- 'Blob versioning permissions'
Shared Key Permissions#
To set the AllowSharedKeyAccess property for an Azure Storage account, a user needs to have the permissions to create and manage storage accounts.
Commands#
You can execute these commands from the Cortex XSOAR CLI, as part of an automation, or in a playbook. After you successfully execute a command, a DBot message appears in the War Room with the command details.
azure-storage-container-list#
List Containers under the specified storage account.
Base Command#
azure-storage-container-list
Input#
| Argument Name | Description | Required |
|---|---|---|
| limit | Number of Containers to retrieve. Default is 50. Default is 50. | Optional |
| prefix | Filters the results to return only Containers whose names begin with the specified prefix. | Optional |
| page | Page number. Default is 1. Default is 1. | Optional |
Context Output#
| Path | Type | Description |
|---|---|---|
| AzureStorageContainer.Container.name | String | Container name. |
Command Example#
!azure-storage-container-list prefix="xs"
Context Example#
Human Readable Output#
Containers List:#
Current page size: 50 Showing page 1 out others that may exist |Name| |---| | xsoar |
azure-storage-container-create#
Create a new Container under the specified account.
Base Command#
azure-storage-container-create
Input#
| Argument Name | Description | Required |
|---|---|---|
| container_name | The name of the Container to create. Rules for naming containers can be found here: https://docs.microsoft.com/en-us/rest/api/storageservices/naming-and-referencing-containers--blobs--and-metadata . | Required |
Context Output#
There is no context output for this command.
Command Example#
!azure-storage-container-create container_name="xsoar"
Human Readable Output#
Container xsoar successfully created.
azure-storage-container-property-get#
Retrieve properties for the specified Container.
Base Command#
azure-storage-container-property-get
Input#
| Argument Name | Description | Required |
|---|---|---|
| container_name | The name of the Container. | Required |
Context Output#
| Path | Type | Description |
|---|---|---|
| AzureStorageContainer.Container.Property.last_modified | Date | Last modified time of the container. |
| AzureStorageContainer.Container.Property.etag | String | The entity tag for the container. |
| AzureStorageContainer.Container.Property.lease_status | String | The lease status of the container. |
| AzureStorageContainer.Container.Property.lease_state | String | The lease state of the container. |
| AzureStorageContainer.Container.Property.has_immutability_policy | String | Indicates whether the container has an immutability policy set on it. |
| AzureStorageContainer.Container.Property.has_legal_hold | String | Indicates whether the container has a legal hold. |
| AzureStorageContainer.Container.name | String | Container name. |
Command Example#
!azure-storage-container-property-get container_name="xsoar"
Context Example#
Human Readable Output#
Container xsoar Properties:#
Last Modified Etag Lease Status Lease State Has Immutability Policy Has Legal Hold 2021-11-28T12:42:58 "0x8D9B26C9BBF026C" unlocked available false false
azure-storage-container-delete#
Marks the specified Container for deletion. The Container and any Blobs contained within it, will be deleted during garbage collection.
Base Command#
azure-storage-container-delete
Input#
| Argument Name | Description | Required |
|---|---|---|
| container_name | The name of the Container to delete. | Required |
Context Output#
There is no context output for this command.
Command Example#
!azure-storage-container-delete container_name="xsoar"
Human Readable Output#
Container xsoar successfully deleted.
azure-storage-container-blob-list#
List Blobs under the specified container.
Base Command#
azure-storage-container-blob-list
Input#
| Argument Name | Description | Required |
|---|---|---|
| container_name | The name of the Container. | Required |
| limit | Number of blobs to retrieve. Default is 50. Default is 50. | Optional |
| prefix | Filters the results to return only blobs whose names begin with the specified prefix. | Optional |
| page | Page number. Default is 1. Default is 1. | Optional |
Context Output#
| Path | Type | Description |
|---|---|---|
| AzureStorageContainer.Container.Blob.name | String | Blob name. |
| AzureStorageContainer.Container.name | String | Container name. |
Command Example#
!azure-storage-container-blob-list container_name="xsoar"
Context Example#
Human Readable Output#
xsoar Container Blobs List:#
Current page size: 50 Showing page 1 out others that may exist |Name| |---| | xsoar.txt |
azure-storage-container-blob-create#
Create a new Blob under the specified Container.
Base Command#
azure-storage-container-blob-create
Input#
| Argument Name | Description | Required |
|---|---|---|
| container_name | The name of the Blob Container. | Required |
| file_entry_id | The entry ID of the file to upload as a new blob. Available from XSOAR war room while the context data contains file output. | Required |
| blob_name | The name of the Blob to create. Default is XSOAR file name. | Optional |
Context Output#
There is no context output for this command.
Command Example#
!azure-storage-container-blob-create container_name="xsoar" file_entry_id="16488@b5e40781-86c8-4799-8f10-ace443e93234" blob_name="xsoar.txt"
Human Readable Output#
Blob successfully created.
azure-storage-container-blob-update#
Update the content of an existing Blob.
Base Command#
azure-storage-container-blob-update
Input#
| Argument Name | Description | Required |
|---|---|---|
| container_name | The name of the Blob Container. | Required |
| file_entry_id | The entry ID of the file to upload as a new blob. Available from XSOAR war room while the context data contains file output. | Required |
| blob_name | The name of the Blob to update. | Required |
Context Output#
There is no context output for this command.
Command Example#
!azure-storage-container-blob-update container_name="xsoar" file_entry_id="16488@b5e40781-86c8-4799-8f10-ace443e93234" blob_name="xsoar.txt"
Human Readable Output#
Blob xsoar.txt successfully updated.
azure-storage-container-blob-get#
Retrieve Blob from Container.
Base Command#
azure-storage-container-blob-get
Input#
| Argument Name | Description | Required |
|---|---|---|
| container_name | The name of the Blob Container. | Required |
| blob_name | The name of the Blob to retrieve. | Required |
Context Output#
| Path | Type | Description |
|---|---|---|
| File.Size | String | The size of the file. |
| File.SHA1 | String | The SHA1 hash of the file. |
| File.SHA256 | String | The SHA256 hash of the file. |
| File.Name | String | The name of the file. |
| File.SSDeep | String | The SSDeep hash of the file. |
| File.EntryID | String | The entry ID of the file. |
| File.Info | String | File information. |
| File.Type | String | The file type. |
| File.MD5 | Unknown | The MD5 hash of the file. |
| File.Extension | String | The file extension. |
Command Example#
!azure-storage-container-blob-get container_name="xsoar" blob_name="xsoar.txt"
Context Example#
Human Readable Output#
azure-storage-container-blob-tag-get#
Retrieve the tags of the specified Blob.
Base Command#
azure-storage-container-blob-tag-get
Input#
| Argument Name | Description | Required |
|---|---|---|
| container_name | The name of the Blob Container. | Required |
| blob_name | The name of the blob. | Required |
Context Output#
| Path | Type | Description |
|---|---|---|
| AzureStorageContainer.Container.Blob.Tag.Key | String | Tag key. |
| AzureStorageContainer.Container.Blob.Tag.Value | String | Tag value. |
| AzureStorageContainer.Container.Blob.name | String | Blob name. |
| AzureStorageContainer.Container.name | String | Container name. |
Command Example#
!azure-storage-container-blob-tag-get container_name="xsoar" blob_name="xsoar.txt"
Context Example#
Human Readable Output#
Blob xsoar.txt Tags:#
Key Value tag-name-1 tag-value-1
azure-storage-container-blob-tag-set#
Sets the tags for the specified Blob. The command replace the entire tags of the Blob and can be used to remove tags.
Base Command#
azure-storage-container-blob-tag-set
Input#
| Argument Name | Description | Required |
|---|---|---|
| container_name | The name of the Blob Container. | Required |
| blob_name | The name of the blob. | Required |
| tags | Tags fields in JSON format: {"tag-name-1": "tag-value-1", "tag-name-2": "tag-value-2"}. The tags fields may contain at most 10 tags. | Required |
Context Output#
There is no context output for this command.
Command Example#
``!azure-storage-container-blob-tag-set container_name="xsoar" blob_name="xsoar.txt" tags={ "tag-name-1": "tag-value-1" }````
Human Readable Output#
xsoar.txt Tags successfully updated.
azure-storage-container-blob-delete#
Marks the specified Blob for deletion. The Blob will be deleted during garbage collection.
Base Command#
azure-storage-container-blob-delete
Input#
| Argument Name | Description | Required |
|---|---|---|
| container_name | The name of the Blob Container. | Required |
| blob_name | The name of the Blob to delete. | Required |
Context Output#
There is no context output for this command.
Command Example#
!azure-storage-container-blob-delete container_name="xsoar" blob_name="xsoar.txt"
Human Readable Output#
Blob xsoar.txt successfully deleted.
azure-storage-container-blob-property-get#
Retrieve Blob properties.
Base Command#
azure-storage-container-blob-property-get
Input#
| Argument Name | Description | Required |
|---|---|---|
| container_name | The name of the Blob Container. | Required |
| blob_name | The name of the blob. | Required |
Context Output#
| Path | Type | Description |
|---|---|---|
| AzureStorageContainer.Container.Blob.Property.last_modified | Date | Last modified time of the blob. |
| AzureStorageContainer.Container.Blob.Property.etag | String | The entity tag for the blob. |
| AzureStorageContainer.Container.Blob.Property.lease_status | String | The lease status of the blob. |
| AzureStorageContainer.Container.Blob.Property.lease_state | String | The lease state of the blob. |
| AzureStorageContainer.Container.Blob.Property.blob_type | String | The blob type. |
| AzureStorageContainer.Container.Blob.Property.content_length | Number | The size of the blob in bytes. |
| AzureStorageContainer.Container.Blob.Property.content_type | String | The content type specified for the blob. If no content type was specified, the default content type is application/octet-stream. |
| AzureStorageContainer.Container.Blob.Property.content-md5 | String | The MD5 hash of the blob content. |
| AzureStorageContainer.Container.Blob.Property.creation_time | Date | The date at which the blob was created. |
| AzureStorageContainer.Container.Blob.name | String | Blob name. |
Command Example#
!azure-storage-container-blob-property-get container_name="xsoar" blob_name="xsoar.txt"
Context Example#
Human Readable Output#
Blob xsoar.txt Properties:#
Creation Time Last Modified Content Length Content Type Etag 2021-11-28T12:43:09 2021-11-28T12:43:17 11 application/octet-stream "0x8D9B26CA6AD74B3"
azure-storage-container-blob-property-set#
Set Blob properties.
Base Command#
azure-storage-container-blob-property-set
Input#
| Argument Name | Description | Required |
|---|---|---|
| container_name | The name of the Blob Container. | Required |
| blob_name | The name of the blob. | Required |
| content_type | Blob content type. Indicates the media type of the blob. | Optional |
| content_md5 | Blob MD5 hash value. Can be used by the client to check for content integrity. | Optional |
| content_encoding | Blob content encoding. Used to specify the compression algorithm of the blob content. | Optional |
| content_language | Blob content language. Describes the human languages of the blob content. | Optional |
| content_disposition | Blob content disposition. Conveys additional information about how to process the response payload, and also can be used to attach additional metadata. | Optional |
| cache_control | Modifies the cache control string for the blob. Indicates directives for caching in both requests and responses. | Optional |
| request_id | Request ID generated by the client and recorded in the analytics logs when storage analytics logging is enabled. | Optional |
| lease_id | Required if the blob has an active lease. | Optional |
Context Output#
There is no context output for this command.
Command Example#
!azure-storage-container-blob-property-set container_name="xsoar" blob_name="xsoar.txt" content_type="text/plain"
Human Readable Output#
Blob xsoar.txt properties successfully updated.
azure-storage-container-sas-create#
Retrieve Blob properties.
Base Command#
azure-storage-container-sas-create
Input#
| Argument Name | Description | Required |
|---|---|---|
| container_name | The name of the Blob Container. | Required |
| expiry_time | Expiry time for sas token(hours). | Required |
| signed_resources | specifies which resources are accessible via the shared access signature. Options available c(container), b(blob), bv(blob version),bs(blob snapshot),d(directory) | Required |
| signed_permissions | The permissions that are associated with the shared access signature. The user is restricted to operations that are allowed by the permissions. Possible permission: r = Read, a=access, c=create, w=write. Also must follow the this order "racwdxltmeop"Example: r,c,a,w,rac, racw. | Required |
| signed_ip | specifies a public IP address or a range of public IP addresses from which to accept requests. | Required |
| account_key | The account key to create the SAS token with. |
Command Example#
!azure-storage-container-sas-create account_key="TestAccountKey" expiry_time="1" signed_resources="test signed_permissions="test signed_ip="127.0.0.1"
azure-storage-container-block-public-access#
Block public access to a container..
Base Command#
azure-storage-container-block-public-access
Input#
| Argument Name | Description | Required |
|---|---|---|
| container_name | The name of the Blob Container. | Required |
Context Output#
There is no context output for this command.
Command Example#
!azure-storage-container-block-public-access container_name="xsoar"
Human Readable Output#
xsoar.txt Public access to container '{container_name}' has been successfully blocked.