CyberArk AIM v2

The CyberArk Application Identity Manager (AIM) provides a secure safe in which to store your account credentials. Use this integration to retrieve the account credentials in CyberArk AIM. This integration fetches credentials. For more information, see Managing Credentials.

Configure CyberArkAIM v2 on Cortex XSOAR

  1. Navigate to Settings > Integrations > Servers & Services.
  2. Search for CyberArkAIM v2.
  3. Click Add instance to create and configure a new integration instance.
ParameterDescriptionRequired
urlServer URL and Port (e.g., https://example.net:1234\)True
app_idAppID as configured in AIMFalse
folderFolder to search in safeTrue
safeSafe to search inTrue
credential_namesCredential names - comma-seperated list of credentials names in the safeFalse
credentialsUsernameFalse
cert_textCertificate file as textFalse
key_textKey file as textFalse
isFetchCredentialsFetches credentialsFalse
insecureTrust any certificate (not secure)False
proxyUse system proxy settingsFalse
  1. Click Test to validate the URLs, token, and connection.

Commands

You can execute these commands from the Demisto CLI, as part of an automation, or in a playbook. After you successfully execute a command, a DBot message appears in the War Room with the command details.

cyberark-aim-list-credentials


Lists all credentials available

Base Command

cyberark-aim-list-credentials

Input

There are no input arguments for this command.

Context Output

PathTypeDescription
CyberArkAIM.AccountTypeStringThe type of the account.
CyberArkAIM.AddressStringThe address of the account.
CyberArkAIM.CPMStatusStringThe CMP status of the account.
CyberArkAIM.DomainStringThe domain of the account.
CyberArkAIM.NameStringThe credential name of the account.

Command Example

!cyberark-aim-list-credentials

Context Example

{
"CyberArkAIM": {
"AccountCategory": "True",
"AccountDescription": "Built-in account for administering the computer/domain",
"AccountDiscoveryDate": "1573128798",
"AccountEnabled": "True",
"AccountExpirationDate": "0",
"AccountOSGroups": "Administrators",
"AccountType": "Domain",
"Address": "AIM.COM",
"CPMDisabled": "(CPM)Newly discovered dependency",
"CPMStatus": "success",
"CreationMethod": "AutoDetected",
"DeviceType": "Operating System",
"DiscoveryPlatformType": "Windows Domain",
"Domain": "AIM.COM",
"Folder": "Root",
"LastLogonDate": "1572451901",
"LastPasswordSetDate": "1566376303",
"LastSuccessChange": "1575910475",
"LastSuccessReconciliation": "1583521898",
"LastSuccessVerification": "1583256386",
"LastTask": "ReconcileTask",
"LogonDomain": "domain1",
"MachineOSFamily": "Server",
"Name": "name1",
"OSVersion": "Windows Server 2016 Standard",
"OU": "CN=Users,DC=COM",
"PasswordChangeInProcess": "False",
"PasswordNeverExpires": "True",
"PolicyID": "WinDomain",
"RetriesCount": "-1",
"SID": "sid",
"Safe": "Windows Domain Admins",
"SequenceID": "1",
"Tags": "DAdmin",
"UserName": "username1"
}
}

Human Readable Output

Results

AccountCategoryAccountDescriptionAccountDiscoveryDateAccountEnabledAccountExpirationDateAccountOSGroupsAccountTypeAddressCPMDisabledCPMStatusCreationMethodDeviceTypeDiscoveryPlatformTypeDomainFolderLastLogonDateLastPasswordSetDateLastSuccessChangeLastSuccessReconciliationLastSuccessVerificationLastTaskLogonDomainMachineOSFamilyNameOSVersionOUPasswordChangeInProcessPasswordNeverExpiresPolicyIDRetriesCountSIDSafeSequenceIDTagsUserName
TrueBuilt-in account for administering the computer/domain1573128798True0AdministratorsDomainAIM.COM(CPM)Newly discovered dependencysuccessAutoDetectedOperating SystemWindows DomainAIM.COMRoot15724519011566376303157591047515835218981583256386ReconcileTaskdomain1Servername1Windows Server 2016 StandardCN=Users,DC=COMFalseTrueWinDomain-1sidWindows Domain Admins1DAdminusername1