Digital Guardian
Digital Guardian Pack.#
This Integration is part of the#Digital Guardian ARC Watchlist Integration This integration was integrated and tested with version 2.11.0 of Digital Guardian ARC
#
Configure Digital Guardian in CortexParameter | Description | Required |
---|---|---|
auth_url | auth_url | True |
arc_url | arc_url | True |
insecure | Allow Insecure HTTPS | False |
client_id | client_id | True |
client_secret | client_secret | True |
export_profile | export_profile | True |
#
CommandsYou can execute these commands from the CLI, as part of an automation, or in a playbook. After you successfully execute a command, a DBot message appears in the War Room with the command details.
#
digitalguardian-add-watchlist-entryAdd Watchlist Entry
#
Base Commanddigitalguardian-add-watchlist-entry
#
InputArgument Name | Description | Required |
---|---|---|
watchlist_name | Watchlist Name | Required |
watchlist_entry | Watchlist Entry | Required |
#
Context OutputThere is no context output for this command.
#
Command Example!digitalguardian-add-watchlist-entry watchlist_entry=playbook_test watchlist_name=atac_test
#
Context Example#
Human Readable Outputadded watchlist entry (playbook_test) to watchlist name (atac_test)
#
digitalguardian-check-watchlist-entryCheck Watchlist Entry
#
Base Commanddigitalguardian-check-watchlist-entry
#
InputArgument Name | Description | Required |
---|---|---|
watchlist_name | Watchlist Name | Required |
watchlist_entry | Watchlist Entry | Required |
#
Context OutputPath | Type | Description |
---|---|---|
DigitalGuardian.Watchlist.Found | boolean | Watchlist Found |
#
Command Example!digitalguardian-check-watchlist-entry watchlist_entry=playbook_test watchlist_name=atac_test
#
Context Example#
Human Readable OutputWatchlist found
#
digitalguardian-remove-watchlist-entryRemove Watchlist Entry
#
Base Commanddigitalguardian-remove-watchlist-entry
#
InputArgument Name | Description | Required |
---|---|---|
watchlist_name | Watchlist Name | Required |
watchlist_entry | Watchlist Entry | Optional |
#
Context OutputThere is no context output for this command.
#
Command Example!digitalguardian-remove-watchlist-entry watchlist_entry=playbook_test watchlist_name=atac_test
#
Context Example#
Human Readable Outputremoved watchlist entry (playbook_test) from watchlist name (atac_test)
#
digitalguardian-add-componentlist-entryAdd Componentlist Entry
#
Base Commanddigitalguardian-add-componentlist-entry
#
InputArgument Name | Description | Required |
---|---|---|
componentlist_name | Componentlist Name | Required |
componentlist_entry | Componentlist Entry | Required |
#
Context OutputThere is no context output for this command.
#
Command Example!digitalguardian-add-componentlist-entry componentlist_entry=email@example.com componentlist_name="Test - JLL - Email Address Blacklist"
#
Context Example#
Human Readable Outputadded componentlist entry (email@example.com) to componentlist name (Test - JLL - Email Address Blacklist)
#
digitalguardian-check-componentlist-entryCheck Componentlist Entry
#
Base Commanddigitalguardian-check-componentlist-entry
#
InputArgument Name | Description | Required |
---|---|---|
componentlist_name | Componentlist Name | Required |
componentlist_entry | Componentlist Entry | Required |
#
Context OutputPath | Type | Description |
---|---|---|
DigitalGuardian.Componentlist.Found | boolean | Componentlist Found |
#
Command Example!digitalguardian-check-componentlist-entry componentlist_entry=email@example.com componentlist_name="Test - JLL - Email Address Blacklist"
#
Context Example#
Human Readable OutputComponentlist found
#
digitalguardian-remove-componentlist-entryRemove Componentlist Entry
#
Base Commanddigitalguardian-remove-componentlist-entry
#
InputArgument Name | Description | Required |
---|---|---|
componentlist_name | Componentlist Name | Required |
componentlist_entry | Componentlist Entry | Required |
#
Context OutputThere is no context output for this command.
#
Command Example!digitalguardian-remove-componentlist-entry componentlist_entry=email@example.com componentlist_name="Test - JLL - Email Address Blacklist"
#
Context Example#
Human Readable Outputremoved componentlist entry (email@example.com) from componentlist name (Test - JLL - Email Address Blacklist)