Skip to main content

ManageEngine PAM360

This Integration is part of the ManageEngine_PAM360 Pack.#

Supported versions

Supported Cortex XSOAR versions: 6.0.0 and later.

Use ManageEngine PAM360, a privileged access management solution to manage critical enterprise data such as privileged resources and accounts and secure credentials from Cortex XSOAR.

Configure ManageEngine PAM360 in Cortex#

ParameterDescriptionRequired
urlServer URL (e.g., https://localhost:8282)True
APP_TOKENToken to access PAM360 vaultTrue
insecureTrust any certificate (not secure)False
proxyUse system proxy settingsFalse

Commands#

You can execute these commands from the CLI, as part of an automation, or in a playbook. After you successfully execute a command, a DBot message appears in the War Room with the command details.

pam360-create-resource#


Creates a new resource.

Base Command#

pam360-create-resource

Input#

Argument NameDescriptionRequired
resource_nameDenotes the name of the resource.Required
resource_typeDenotes the type of the resource.Required
resource_urlDenotes the URL of the resource.Optional
domain_nameDenotes the domain name of the resource.Optional
resourcegroup_nameName of the resource group to which this resource belongs.Optional
owner_nameDenotes the name of the resource owner.Optional
locationDenotes the location of the resource.Optional
dnsnameDenotes either the DNS Name or the IP address.Optional
departmentThe department to which the account belongs.Optional
resource_descritpionDescription of the resource.Optional
notesOptional additional notes added about the resource.Optional
account_nameDenotes the name of the account.Required
passwordDenotes the password of the account.Required
resource_password_policyThe type of password policy set for the resource.Optional
account_password_policyThe type of password policy set for the account.Optional

Context Output#

PathTypeDescription
PAM360.Resource.operation.result.statusStringStatus of the operation.
PAM360.Resource.operation.result.messageStringCommand execution status.

Command Example#

!pam360-create-resource resource_name="SOUTH-FIN-WINSERQA-09" resource_type="Windows" resource_url="https://remote-win-serv:8285/adminhome" domain_name="SOUTH-FIN-WINSERQA-09" resourcegroup_name="Remote Windows Servers" owner_name="admin" location="Plaza - South Wing" dnsname="SOUTH-FIN-WINSERQA-09" department="Finance" resource_description="Windows server resources reserved for testing API" notes="Windows server resources reserved for testing API" account_name="administrator" password="QA!K>35Hgg(x" resource_password_policy="Strong" account_password_policy="Strong"

Context Example#

{
"operation":{
"result":{
"message":"Resource SOUTH-FIN-WINSERQA-09 has been added successfully",
"status":"Success"
},
"name":"CREATE RESOURCE"
}
}

pam360-create-account#


Creates a new account under a specified resource.

Base Command#

pam360-create-account

Input#

Argument NameDescriptionRequired
resource_idDenotes the ID of the resource.Required
account_nameName of the account.Required
passwordAccount password.Required
notesAccount description.Optional
account_password_policyThe type of password policy set for the account.Optional

Context Output#

PathTypeDescription
PAM360.Account.operation.result.statusStringStatus of the operation.
PAM360.Account.operation.result.messageStringCommand execution status.

Command Example#

!pam360-create-account resource_id=1 account_name="admin" password="t8BRq)<6h9g1" notes="Windows server resources reserved for testing API" account_password_policy="Strong"

Context Example#

{
"operation":{
"result":{
"message":"Account(s) added successfully",
"status":"Success"
},
"Details":[
{
"admin":{
"STATUS":"Account added successfully"
}
}
],
"name":"ADD ACCOUNTS"
}

pam360-update-resource#


Updates the attributes of a resource such as name, type, URL, and description.

Base Command#

pam360-update-resource

Input#

Argument NameDescriptionRequired
resource_idDenotes the ID of the resource.Required
resource_nameName of the resource.Required
resource_typeType of the resource.Optional
resource_urlURL of the resource.Optional
resource_descriptionDescription of the resource.Optional
resource_password_policyThe type of password policy set for the resource.Optional
locationLocation of the resource.Optional
dnsnameDenotes either the DNS Name or the IP address.Optional
departmentThe department to which the account belongs.Optional
owner_nameName of the resource owner.Optional

Context Output#

PathTypeDescription
PAM360.Resource.operation.result.statusStringStatus of the operation.
PAM360.Resource.operation.result.messageStringCommand execution status.

Command Example#

!pam360-update-resource resource_id=1 resource_name="SOUTH-FIN-WINSERQA-09" resource_type="Windows" resource_url="https://remote-win-serv:8285/adminhome" resource_description="Windows server resources reserved for testing API" resource_password_policy="Strong" location="Plaza - South Wing" department="Finance" dnsname="SOUTH-FIN-WINSERQA-09" owner_name="admin"

Context Example#

{
"operation":{
"result":{
"message":"Resource modified successfully.",
"status":"Success"
},
"name":"EDIT RESOURCE"
}
}

pam360-update-account#


Updates the attributes an account such as name, password policy, and notes if applicable.

Base Command#

pam360-update-account

Input#

Argument NameDescriptionRequired
resource_idDenotes the ID of the resource.Required
account_idDenotes the ID of the account.Required
account_nameName of the account.Required
owner_nameName of the account owner.Optional
notesOptional additional notes added about the account.Optional
account_password_policyThe type of password policy set for the account.Optional

Context Output#

PathTypeDescription
PAM360.Account.operation.result.statusStringStatus of the operation.
PAM360.Account.operation.result.messageStringCommand execution status.

Command Example#

!pam360-update-account resource_id=1 account_id=1 account_name="admin" owner_name="admin" notes="Windows server resources reserved for testing API" account_password_policy="Strong"

Context Example#

{
"operation":{
"result":{
"message":"Account admin modified successfully",
"status":"Success"
},
"name":"EDIT ACCOUNT"
}
}

pam360-list-all-resources#


Lists all resources owned by you and shared to you by other users.

Base Command#

pam360-list-all-resources

Context Output#

PathTypeDescription
PAM360.Resource.operation.result.statusStringStatus of the operation.
PAM360.Resource.operation.result.messageStringCommand execution status.
PAM360.Resource.operation.Details.RESOURCE DESCRIPTIONStringDescription of the resource.
PAM360.Resource.operation.Details.RESOURCE TYPEStringDenotes the type of the resource.
PAM360.Resource.operation.Details.RESOURCE IDStringDenotes the ID of the resource.
PAM360.Resource.operation.Details.RESOURCE NAMEStringName of the resource.
PAM360.Resource.operation.Details.NOOFACCOUNTSStringThe number of accounts associated with the resource.

Command Example#

!pam360-list-all-resources

Context Example#

{
"operation":{
"result":{
"message":"Resources fetched successfully",
"status":"Success"
},
"Details":[
{
"RESOURCE DESCRIPTION":"Windows server resources reserved for testing API",
"RESOURCE TYPE":"Fortigate Firewall",
"RESOURCE ID":"1",
"RESOURCE NAME":"SOUTH-FIN-WINSERQA-09",
"NOOFACCOUNTS":"1"
}
],
"name":"GET RESOURCES",
"totalRows":1
}
}

pam360-list-all-accounts#


Lists all accounts belonging to the resource.

Base Command#

pam360-list-all-accounts

Input#

Argument NameDescriptionRequired
resource_idID of the resource.Required

Context Output#

PathTypeDescription
PAM360.Account.operation.result.statusStringStatus of the operation.
PAM360.Account.operation.result.messageStringCommand execution status.
PAM360.Account.operation.Details.LOCATIONStringLocation of the account.
PAM360.Account.operation.Details.RESOURCE DESCRIPTIONStringDescription of the resource.
PAM360.Account.operation.Details.RESOURCE TYPEStringRefers to the resource type assigned to the account.
PAM360.Account.operation.Details.RESOURCE IDStringDenotes the ID of the resource.
PAM360.Account.operation.Details.DEPARTMENTStringThe department to which the account belongs.
PAM360.Account.operation.Details.RESOURCE OWNERStringRefers to the name of the resource owner.
PAM360.Account.operation.Details.RESOURCE PASSWORD POLICYStringThe password policy of the resource to which the account belongs.
PAM360.Account.operation.Details.RESOURCE URLStringThe URL of the resource.
PAM360.Account.operation.Details.DOMAIN NAMEStringThe domain name of the resource.
PAM360.Account.operation.Details.RESOURCE NAMEStringThe name of the resource to which the account belongs.
PAM360.Account.operation.Details.DNS NAMEStringThe DNS name of the resource.
PAM360.Account.operation.Details.ACCOUNT LIST.ACCOUNT IDStringDenotes the ID of the account.
PAM360.Account.operation.Details.ACCOUNT LIST.ACCOUNT NAMEStringDenotes the name of the account.
PAM360.Account.operation.Details.ACCOUNT LIST.PASSWORD STATUSStringRefers to the availability status of the password. Denotes whether the password is available for check-out or in use by another user.
PAM360.Account.operation.Details.ACCOUNT LIST.ACCOUNT PASSWORD POLICYStringThe type of password policy set for the account.
PAM360.Account.operation.Details.ACCOUNT LIST.PASSWDIDStringRefers to the Account ID required to perform password-based operations.
PAM360.Account.operation.Details.ACCOUNT LIST.ISREASONREQUIREDStringRefers to the reason provided to access the password.

Command Example#

!pam360-list-all-accounts resource_id=1

Context Example#

{
"operation":{
"result":{
"message":"Resource details with account list fetched successfully",
"status":"Success"
},
"Details":{
"LOCATION":"Plaza - South Wing",
"RESOURCE DESCRIPTION":"Windows server resources reserved for testing API",
"RESOURCE TYPE":"Fortigate Firewall",
"RESOURCE ID":"1",
"ACCOUNT LIST":[
{
"ISFAVPASS":"false",
"ACCOUNT ID":"1",
"AUTOLOGONLIST":[
"SSH",
"Telnet"
],
"ACCOUNT NAME":"administrator",
"PASSWORD STATUS":"****",
"ISREMOTEAPPONLY":"false",
"ACCOUNT PASSWORD POLICY":"Strong",
"AUTOLOGONSTATUS":"One of the resources or landing servers is configured to be connected repeatedly. Check your landing server configuration or contact your administrator.",
"IS_TICKETID_REQD_ACW":"false",
"PASSWDID":"1",
"IS_TICKETID_REQD_MANDATORY":"false",
"IS_TICKETID_REQD":"false",
"ISREASONREQUIRED":"false"
}
],
"DEPARTMENT":"Finance",
"RESOURCE OWNER":"admin",
"RESOURCE PASSWORD POLICY":"Strong",
"RESOURCE URL":"https://pam360:8282",
"NEWSSHTERMINAL":"false",
"DOMAIN NAME":"SOUTH-FIN-WINSERQA-09",
"ALLOWOPENURLINBROWSER":"true",
"RESOURCE NAME":"SOUTH-FIN-WINSERQA-09",
"DNS NAME":"SOUTH-FIN-WINSERQA-09"
},
"name":"GET RESOURCE ACCOUNTLIST"
}
}

pam360-fetch-account-details#


Fetches the details of an account using the corresponding account ID.

Base Command#

pam360-fetch-account-details

Input#

Argument NameDescriptionRequired
resource_idDenotes the ID of the resource.Required
account_idDenotes the ID of the account.Required

Context Output#

PathTypeDescription
PAM360.Account.operation.result.statusStringStatus of the operation.
PAM360.Account.operation.result.messageStringCommand execution status.
PAM360.Account.operation.Details.DESCRIPTIONStringDescription of the account.
PAM360.Account.operation.Details.PASSWDIDStringAccount ID that is used to perform password-related operations.
PAM360.Account.operation.Details.LAST MODIFIED TIMEStringThe time at which the account was last modified.
PAM360.Account.operation.Details.EXPIRY STATUSStringDenotes the expiry status of the account password.
PAM360.Account.operation.Details.COMPLIANT REASONStringReason for the password not being compliant with the password policy.
PAM360.Account.operation.Details.PASSWORD STATUSStringRefers to the availability status of the password. Denotes whether the password is available for check-out or in use by another user.
PAM360.Account.operation.Details.PASSWORD POLICYStringThe type of password policy set for the account.
PAM360.Account.operation.Details.COMPLIANT STATUSStringStatus of whether the account password is compliant with the password policy for it.
PAM360.Account.operation.Details.LAST ACCESSED TIMEStringThe time at which the account was last accessed.

Command Example#

!pam360-fetch-account-details resource_id=1 account_id=1

Context Example#

{
"operation":{
"result":{
"message":"Account details fetched successfully",
"status":"Success"
},
"Details":{
"DESCRIPTION":"N/A",
"PASSWDID":"1",
"LAST MODIFIED TIME":"N/A",
"EXPIRY STATUS":"Valid",
"COMPLIANT REASON":"-",
"PASSWORD STATUS":"****",
"PASSWORD POLICY":"Strong",
"COMPLIANT STATUS":"Compliant",
"LAST ACCESSED TIME":"Dec 1, 2021 09:00 PM"
},
"name":"GET RESOURCE ACCOUNT DETAILS"
}
}

pam360-fetch-resource-account-id#


Fetches the IDs of the resources and accounts.

Base Command#

pam360-fetch-resource-account-id

Input#

Argument NameDescriptionRequired
resource_nameDenotes the name of the resource.Required
account_nameDenotes the name of the account.Required

Context Output#

PathTypeDescription
PAM360.Resource.operation.result.statusStringStatus of the operation.
PAM360.Resource.operation.result.messageStringCommand execution status.
PAM360.Resource.operation.Details.RESOURCEIDStringDenotes the ID of a resource.
PAM360.Resource.operation.Details.ACCOUNTIDStringDenotes the ID of an account.

Command Example#

!pam360-fetch-resource-account-id resource_name=SOUTH-FIN-WINSERQA-09 account_name=admin

Context Example#

{
"operation":{
"result":{
"message":"Resource ID and account ID fetched successfully for the given resource name and account name.",
"status":"Success"
},
"Details":{
"ACCOUNTID":"1",
"RESOURCEID":"1"
},
"name":"GET_RESOURCEACCOUNTID"
}
}

pam360-fetch-password#


Fetches the account password using the Resource and Account IDs.

Base Command#

pam360-fetch-password

Input#

Argument NameDescriptionRequired
resource_idDenotes the ID of a resource.Required
account_idDenotes the ID of an account.Required
reasonThe reason provided to request for the password of an account.Optional
ticket_idValid ticket ID required when the ticketing system integration is enabled.Optional

Context Output#

PathTypeDescription
PAM360.Account.operation.Details.PASSWORDStringAccount password.
PAM360.Account.operation.result.statusStringStatus of the operation.
PAM360.Account.operation.result.messageStringCommand execution status.

Command Example#

!pam360-fetch-password resource_id=1 account_id=1 reason="Need the password to log in to the Windows Server for testing purposes." ticket_id=7

Context Example#

{
"operation":{
"result":{
"message":"Password fetched successfully",
"status":"Success"
},
"Details":{
"PASSWORD":"A1@8ZnQx)mh&="
},
"name":"GET PASSWORD"
}
}

pam360-update-account-password#


Updates the account password.

Base Command#

pam360-update-account-password

Input#

Argument NameDescriptionRequired
resource_idDenotes the ID of the resource.Required
account_idDenotes the ID of the account.Required
new_passwordPassword to be updated.Required
reset_typeRefers to the type of password reset to be done - LOCAL or REMOTE.Required
reasonRefers to the reason provided to update the password of an account.Optional
ticket_idValid ticket ID required when the ticketing system integration is enabled.Optional

Context Output#

PathTypeDescription
PAM360.Account.operation.result.statusStringStatus of the operation.
PAM360.Account.operation.result.messageStringCommand execution status.

Command Example#

!pam360-update-account-password resource_id=1 account_id=1 new_password="A8>ne3J&0Z" reset_type="local" reason="Password Expired" ticket_id=7

Context Example#

{
"operation":{
"result":{
"message":"Password changed successfully",
"status":"Success"
},
"name":"CHANGE PASSWORD"
}
}