MongoDB
MongoDB Pack.#
This Integration is part of the#
OverviewUse MongoDB to search and query entries This integration was integrated and tested with version v4.2.3 of MongoDB
#
Configure MongoDB on Cortex XSOAR- Navigate to Settings > Integrations > Servers & Services.
- Search for MongoDB.
- Click Add instance to create and configure a new integration instance.
- Name: a textual name for the integration instance.
- Username
- Server URLs with port (host1.com:27017,host2.com:27017)
- Database
- Trust any certificate (not secure)
- Click Test to validate the URLs, token, and connection.
#
Fetched Incidents Data#
CommandsYou can execute these commands from the Cortex XSOAR CLI, as part of an automation, or in a playbook. After you successfully execute a command, a DBot message appears in the War Room with the command details.
- mongodb-get-entry-by-id
- mongodb-query
- mongodb-insert
- mongodb-update
- mongodb-delete
- mongodb-list-collections
- mongodb-create-collection
- mongodb-drop-collection
- mongodb-pipeline-query
#
1. mongodb-get-entry-by-idGet an entry from database by ID
#
Required Permissionsfind
permission.
#
Base Commandmongodb-get-entry-by-id
#
InputArgument Name | Description | Required |
---|---|---|
collection | Name of the collection do get entry from. | Required |
object_id | An ObjectID to get. | Required |
#
Context OutputPath | Type | Description |
---|---|---|
MongoDB.Entry._id | String | ID of entry |
MongoDB.Entry.collection | String | Collection name |
#
Command Example!mongodb-get-entry-by-id collection=test object_id=5e444002d661d4fc62442f39
#
Context Example#
Human Readable Outputtest
:#
Total of 0 found in MongoDB collection No entries.
#
2. mongodb-querySearches for items by using the specified JSON query. Search by regex is supported.
#
Required Permissionsfind
permission.
#
Base Commandmongodb-query
#
InputArgument Name | Description | Required |
---|---|---|
collection | Name of the collection do query from. | Required |
query | A JSON query to search for in the collection, in the format of: {"key": "value"} . e.g {"_id": "mongodbid"}. Supports search by regex using the following query="{ "field": { "$regex": "search_option" } }" . For example: query="{ "year": { "$regex": "2.*" } }" - will query all entries such that their "year" field contains the number 2, query="{ "color": { "$regex": "Re.*", "$options": "i" } }" : case insensitive search - will query all entries at the collection, where their "color" field contains the string "Re". | Required |
sort | Sorting order for the query results. Use the format "field1:asc,field2:desc". | Optional |
#
Context OutputPath | Type | Description |
---|---|---|
MongoDB.Entry._id | String | ID of entry from query |
MongoDB.Entry.collection | String | Collection name |
#
Command Example!mongodb-query collection=test query=`{"test": true}
#
Context Example#
Human Readable Outputtest
with query: {"test": true}:#
Total of 2 found in MongoDB collection _id |
---|
5e454023a14c0fb64ca2fd7f |
5e454024a14c0fb64ca2fd80 |
#
3. mongodb-insertInserts an entry to the database
#
Required Permissionsinsert
permission.
#
Base Commandmongodb-insert
#
InputArgument Name | Description | Required |
---|---|---|
collection | Name of the collection to insert entry from. | Required |
entry | Entry JSON formatted. can include _id argument or not. | Required |
#
Context OutputPath | Type | Description |
---|---|---|
MongoDB.Entry._id | String | ID of entry from query. |
MongoDB.Entry.collection | String | Collection name |
#
Command Example!mongodb-insert collection=testCollection entry=`{"test": true}`\
#
Context Example#
Human Readable Output#
MongoDB: Successfully entered 1 entry to the 'testCollection' collection._id |
---|
5e45403c7bc040c2a989007a |
#
4. mongodb-updateUpdates an entry in a collection
#
Required Permissionsupdate
permission.
#
Base Commandmongodb-update
#
InputArgument Name | Description | Required |
---|---|---|
collection | Name of the collection to update entry to. | Required |
filter | A query that matches the document to update. | Required |
update | You can use Update Operators or Aggregation Pipeline. Check documentation for further information. | Required |
update_one | Update only one entry. if true, will set all found entries. | Optional |
#
Context OutputThere is no context output for this command.
#
Command Example!mongodb-update collection=test filter=`{"test": true}` update=`{"$set": {"test": false}}`\
#
Human Readable Output#
MongoDB: Total of 1 entries has been modified.#
5. mongodb-deleteDeletes an entry from the database
#
Required Permissionsremove
permission.
#
Base Commandmongodb-delete
#
InputArgument Name | Description | Required |
---|---|---|
collection | Name of the collection to delete entry from. | Required |
filter | A query that matches the document to delete. | Required |
delete_one | Delete only one entry from the database. | Optional |
#
Context OutputThere is no context output for this command.
#
Command Example!mongodb-delete collection=test filter=`{"test": true}` delete_one=true
#
Human Readable Output#
MongoDB: Delete 1 entries.#
6. mongodb-list-collectionsLists all collections in database
#
Required Permissionsfind
permission.
#
Base Commandmongodb-list-collections
#
InputThere are no input arguments for this command.
#
Context OutputPath | Type | Description |
---|---|---|
MongoDB.Collection.Name | String | Name of the collection |
#
Command Example!mongodb-list-collections
#
Context Example#
Human Readable Output#
MongoDB: All collections in database:Collection |
---|
collectionToDelete |
testCollection |
test |
#
7. mongodb-create-collectionCreates a collection
#
Required PermissionscreateCollection
permission.
#
Base Commandmongodb-create-collection
#
InputArgument Name | Description | Required |
---|---|---|
collection | Name of collection to create. | Required |
#
Context OutputThere is no context output for this command.
#
Command Example!mongodb-create-collection collection=testCollection
#
Human Readable Output#
MongoDB: Collection 'testCollection' has been successfully created.#
8. mongodb-drop-collectionDrops a collection from the database
#
Required PermissionsdropCollection
permission or above.
#
Base Commandmongodb-drop-collection
#
InputArgument Name | Description | Required |
---|---|---|
collection | Name of collection to be dropped | Required |
#
Context OutputThere is no context output for this command.
#
Command Example!mongodb-drop-collection collection=collectionToDelete
#
Human Readable Output#
MongoDB: Collection 'collectionToDelete` has been dropped.#
mongodb-pipeline-querySearches for items by the specified JSON pipleline query.
#
Base Commandmongodb-pipeline-query
#
InputArgument Name | Description | Required |
---|---|---|
collection | Name of the collection to query. | Required |
pipeline | A JSON pipeline query to search by in the collection. Pipeline query should by list of dictionaries. For example: [{"key1": "value1"}, {"key2": "value2"}]. | Required |
limit | Limits the number of results returned from MongoDB. Default is 50. | Optional |
offset | Offset to the first result returned from MongoDB. Default is 0. | Optional |
#
Context OutputPath | Type | Description |
---|---|---|
MongoDB.Entry._id | String | The ID of entry from the query. |
MongoDB.Entry.collection | String | The collection of which the entry belongs to. |
#
Command Example!mongodb-pipeline-query collection=test_collection pipeline="[{\"$match\": {\"title\": \"test_title\"}}]"
#
Context Example#
Human Readable OutputTotal of 3 entries were found in MongoDB collection
test_collection
with pipeline: [{"$match": {"title": "test_title"}}]:#
_id 602e624e8be6cb93eb795695 602e62598be6cb93eb795697 602e62698be6cb93eb795699
#
Additional Information- a guide on how to use the
filter
andquery
argument can be found here - a guide on how to use the
update
argument can be found here
#
Known LimitationsThe test
button is trying to list collections. If the user has no find
permission it will fail.