MongoDB

Overview


Use MongoDB to search and query entries This integration was integrated and tested with version v4.2.3 of MongoDB

Configure MongoDB on Demisto


  1. Navigate to Settings > Integrations > Servers & Services.
  2. Search for MongoDB.
  3. Click Add instance to create and configure a new integration instance.
    • Name: a textual name for the integration instance.
    • Username
    • Server URLs with port (host1.com:27017,host2.com:27017)
    • Database
    • Trust any certificate (not secure)
  4. Click Test to validate the URLs, token, and connection.

Fetched Incidents Data


Commands


You can execute these commands from the Demisto CLI, as part of an automation, or in a playbook. After you successfully execute a command, a DBot message appears in the War Room with the command details.

  1. mongodb-get-entry-by-id
  2. mongodb-query
  3. mongodb-insert
  4. mongodb-update
  5. mongodb-delete
  6. mongodb-list-collections
  7. mongodb-create-collection
  8. mongodb-drop-collection

1. mongodb-get-entry-by-id


Get an entry from database by ID

Required Permissions

find permission.

Base Command

mongodb-get-entry-by-id

Input
Argument NameDescriptionRequired
collectionName of the collection do get entry from.Required
object_idAn ObjectID to get.Required
Context Output
PathTypeDescription
MongoDB.Entry._idStringID of entry
MongoDB.Entry.collectionStringCollection name
Command Example

!mongodb-get-entry-by-id collection=test object_id=5e444002d661d4fc62442f39

Context Example
{
"MongoDB": [
{
"test": true,
"_id": "5e444002d661d4fc62442f39"
},
]
}
Human Readable Output

Total of 0 found in MongoDB collection test:

No entries.

2. mongodb-query


Searches items by query

Required Permissions

find permission.

Base Command

mongodb-query

Input
Argument NameDescriptionRequired
collectionName of the collection do query from.Required
queryA JSON query to search in collection.Required
sortSorting order for the query results. Use the format "field1:asc,field2:desc".Optional
Context Output
PathTypeDescription
MongoDB.Entry._idStringID of entry from query
MongoDB.Entry.collectionStringCollection name
Command Example

!mongodb-query collection=test query=`{"test": true}

Context Example
{
"MongoDB": [
{
"test": true,
"_id": "5e454023a14c0fb64ca2fd7f"
},
{
"test": true,
"_id": "5e454024a14c0fb64ca2fd80"
},
{
"test": true,
"_id": "5e454024a14c0fb64ca2fd81"
}
]
}
Human Readable Output

Total of 2 found in MongoDB collection test with query: {"test": true}:

_id
5e454023a14c0fb64ca2fd7f
5e454024a14c0fb64ca2fd80

3. mongodb-insert


Inserts an entry to the database

Required Permissions

insert permission.

Base Command

mongodb-insert

Input
Argument NameDescriptionRequired
collectionName of the collection to insert entry from.Required
entryEntry JSON formatted. can include _id argument or not.Required
Context Output
PathTypeDescription
MongoDB.Entry._idStringID of entry from query.
MongoDB.Entry.collectionStringCollection name
Command Example

!mongodb-insert collection=testCollection entry=`{"test": true}`\

Context Example
{
"MongoDB": [
{
"_id": "5e45403c7bc040c2a989007a"
}
]
}
Human Readable Output

MongoDB: Successfully entered 1 entry to the 'testCollection' collection.

_id
5e45403c7bc040c2a989007a

4. mongodb-update


Updates an entry in a collection

Required Permissions

update permission.

Base Command

mongodb-update

Input
Argument NameDescriptionRequired
collectionName of the collection to update entry to.Required
filterA query that matches the document to update.Required
updateYou can use Update Operators or Aggregation Pipeline. Check documentation for further information.Required
update_oneUpdate only one entry. if true, will set all found entries.Optional
Context Output

There is no context output for this command.

Command Example

!mongodb-update collection=test filter=`{"test": true}` update=`{"$set": {"test": false}}`\

Human Readable Output

MongoDB: Total of 1 entries has been modified.

5. mongodb-delete


Deletes an entry from the database

Required Permissions

remove permission.

Base Command

mongodb-delete

Input
Argument NameDescriptionRequired
collectionName of the collection to delete entry from.Required
filterA query that matches the document to delete.Required
delete_oneDelete only one entry from the database.Optional
Context Output

There is no context output for this command.

Command Example

!mongodb-delete collection=test filter=`{"test": true}` delete_one=true

Human Readable Output

MongoDB: Delete 1 entries.

6. mongodb-list-collections


Lists all collections in database

Required Permissions

find permission.

Base Command

mongodb-list-collections

Input

There are no input arguments for this command.

Context Output
PathTypeDescription
MongoDB.Collection.NameStringName of the collection
Command Example

!mongodb-list-collections

Context Example
{
"MongoDB.Collection": [
{
"Name": "collectionToDelete"
},
{
"Name": "testCollection"
},
{
"Name": "test"
}
]
}
Human Readable Output

MongoDB: All collections in database:

Collection
collectionToDelete
testCollection
test

7. mongodb-create-collection


Creates a collection

Required Permissions

createCollection permission.

Base Command

mongodb-create-collection

Input
Argument NameDescriptionRequired
collectionName of collection to create.Required
Context Output

There is no context output for this command.

Command Example

!mongodb-create-collection collection=testCollection

Human Readable Output

MongoDB: Collection 'testCollection' has been successfully created.

8. mongodb-drop-collection


Drops a collection from the database

Required Permissions

dropCollection permission or above.

Base Command

mongodb-drop-collection

Input
Argument NameDescriptionRequired
collectionName of collection to be droppedRequired
Context Output

There is no context output for this command.

Command Example

!mongodb-drop-collection collection=collectionToDelete

Human Readable Output

MongoDB: Collection 'collectionToDelete` has been dropped.

Additional Information


  • a guide on how to use the filter and query argument can be found here
  • a guide on how to use the update argument can be found here

Known Limitations


The test button is trying to list collections. If the user has no find permission it will fail.