MongoDB

Overview#


Use MongoDB to search and query entries This integration was integrated and tested with version v4.2.3 of MongoDB

Configure MongoDB on Demisto#


  1. Navigate to Settings > Integrations > Servers & Services.
  2. Search for MongoDB.
  3. Click Add instance to create and configure a new integration instance.
    • Name: a textual name for the integration instance.
    • Username
    • Server URLs with port (host1.com:27017,host2.com:27017)
    • Database
    • Trust any certificate (not secure)
  4. Click Test to validate the URLs, token, and connection.

Fetched Incidents Data#


Commands#


You can execute these commands from the Demisto CLI, as part of an automation, or in a playbook. After you successfully execute a command, a DBot message appears in the War Room with the command details.

  1. mongodb-get-entry-by-id
  2. mongodb-query
  3. mongodb-insert
  4. mongodb-update
  5. mongodb-delete
  6. mongodb-list-collections
  7. mongodb-create-collection
  8. mongodb-drop-collection
  9. mongodb-pipeline-query

1. mongodb-get-entry-by-id#


Get an entry from database by ID

Required Permissions#

find permission.

Base Command#

mongodb-get-entry-by-id

Input#
Argument NameDescriptionRequired
collectionName of the collection do get entry from.Required
object_idAn ObjectID to get.Required
Context Output#
PathTypeDescription
MongoDB.Entry._idStringID of entry
MongoDB.Entry.collectionStringCollection name
Command Example#

!mongodb-get-entry-by-id collection=test object_id=5e444002d661d4fc62442f39

Context Example#
{
"MongoDB": [
{
"test": true,
"_id": "5e444002d661d4fc62442f39"
}
]
}
Human Readable Output#

Total of 0 found in MongoDB collection test:#

No entries.

2. mongodb-query#


Searches for items by using the specified JSON query. Search by regex is supported.

Required Permissions#

find permission.

Base Command#

mongodb-query

Input#
Argument NameDescriptionRequired
collectionName of the collection do query from.Required
queryA JSON query to search for in the collection, in the format of: {"key": "value"}. e.g {"_id": "mongodbid"}. Supports search by regex using the following query="{ "field": { "$regex": "search_option" } }". For example: query="{ "year": { "$regex": "2.*" } }" - will query all entries such that their "year" field contains the number 2, query="{ "color": { "$regex": "Re.*", "$options": "i" } }": case insensitive search - will query all entries at the collection, where their "color" field contains the string "Re".Required
sortSorting order for the query results. Use the format "field1:asc,field2:desc".Optional
Context Output#
PathTypeDescription
MongoDB.Entry._idStringID of entry from query
MongoDB.Entry.collectionStringCollection name
Command Example#

!mongodb-query collection=test query=`{"test": true}

Context Example#
{
"MongoDB": [
{
"test": true,
"_id": "5e454023a14c0fb64ca2fd7f"
},
{
"test": true,
"_id": "5e454024a14c0fb64ca2fd80"
},
{
"test": true,
"_id": "5e454024a14c0fb64ca2fd81"
}
]
}
Human Readable Output#

Total of 2 found in MongoDB collection test with query: {"test": true}:#

_id
5e454023a14c0fb64ca2fd7f
5e454024a14c0fb64ca2fd80

3. mongodb-insert#


Inserts an entry to the database

Required Permissions#

insert permission.

Base Command#

mongodb-insert

Input#
Argument NameDescriptionRequired
collectionName of the collection to insert entry from.Required
entryEntry JSON formatted. can include _id argument or not.Required
Context Output#
PathTypeDescription
MongoDB.Entry._idStringID of entry from query.
MongoDB.Entry.collectionStringCollection name
Command Example#

!mongodb-insert collection=testCollection entry=`{"test": true}`\

Context Example#
{
"MongoDB": [
{
"_id": "5e45403c7bc040c2a989007a"
}
]
}
Human Readable Output#

MongoDB: Successfully entered 1 entry to the 'testCollection' collection.#

_id
5e45403c7bc040c2a989007a

4. mongodb-update#


Updates an entry in a collection

Required Permissions#

update permission.

Base Command#

mongodb-update

Input#
Argument NameDescriptionRequired
collectionName of the collection to update entry to.Required
filterA query that matches the document to update.Required
updateYou can use Update Operators or Aggregation Pipeline. Check documentation for further information.Required
update_oneUpdate only one entry. if true, will set all found entries.Optional
Context Output#

There is no context output for this command.

Command Example#

!mongodb-update collection=test filter=`{"test": true}` update=`{"$set": {"test": false}}`\

Human Readable Output#

MongoDB: Total of 1 entries has been modified.#

5. mongodb-delete#


Deletes an entry from the database

Required Permissions#

remove permission.

Base Command#

mongodb-delete

Input#
Argument NameDescriptionRequired
collectionName of the collection to delete entry from.Required
filterA query that matches the document to delete.Required
delete_oneDelete only one entry from the database.Optional
Context Output#

There is no context output for this command.

Command Example#

!mongodb-delete collection=test filter=`{"test": true}` delete_one=true

Human Readable Output#

MongoDB: Delete 1 entries.#

6. mongodb-list-collections#


Lists all collections in database

Required Permissions#

find permission.

Base Command#

mongodb-list-collections

Input#

There are no input arguments for this command.

Context Output#
PathTypeDescription
MongoDB.Collection.NameStringName of the collection
Command Example#

!mongodb-list-collections

Context Example#
{
"MongoDB.Collection": [
{
"Name": "collectionToDelete"
},
{
"Name": "testCollection"
},
{
"Name": "test"
}
]
}
Human Readable Output#

MongoDB: All collections in database:#

Collection
collectionToDelete
testCollection
test

7. mongodb-create-collection#


Creates a collection

Required Permissions#

createCollection permission.

Base Command#

mongodb-create-collection

Input#
Argument NameDescriptionRequired
collectionName of collection to create.Required
Context Output#

There is no context output for this command.

Command Example#

!mongodb-create-collection collection=testCollection

Human Readable Output#

MongoDB: Collection 'testCollection' has been successfully created.#

8. mongodb-drop-collection#


Drops a collection from the database

Required Permissions#

dropCollection permission or above.

Base Command#

mongodb-drop-collection

Input#
Argument NameDescriptionRequired
collectionName of collection to be droppedRequired
Context Output#

There is no context output for this command.

Command Example#

!mongodb-drop-collection collection=collectionToDelete

Human Readable Output#

MongoDB: Collection 'collectionToDelete` has been dropped.#

mongodb-pipeline-query#


Searches for items by the specified JSON pipleline query.

Base Command#

mongodb-pipeline-query

Input#

Argument NameDescriptionRequired
collectionName of the collection to query.Required
pipelineA JSON pipeline query to search by in the collection. Pipeline query should by list of dictionaries. For example: [{"key1": "value1"}, {"key2": "value2"}].Required
limitLimits the number of results returned from MongoDB. Default is 50.Optional
offsetOffset to the first result returned from MongoDB. Default is 0.Optional

Context Output#

PathTypeDescription
MongoDB.Entry._idStringThe ID of entry from the query.
MongoDB.Entry.collectionStringThe collection of which the entry belongs to.

Command Example#

!mongodb-pipeline-query collection=test_collection pipeline="[{\"$match\": {\"title\": \"test_title\"}}]"

Context Example#

{
"MongoDB": {
"Entry": [
{
"_id": "602e624e8be6cb93eb795695",
"collection": "test_collection",
"color": "red",
"title": "test_title",
"year": "2019"
},
{
"_id": "602e62598be6cb93eb795697",
"collection": "test_collection",
"color": "green",
"title": "test_title",
"year": "2020"
},
{
"_id": "602e62698be6cb93eb795699",
"collection": "test_collection",
"color": "yellow",
"title": "test_title",
"year": "2018"
}
]
}
}

Human Readable Output#

Total of 3 entries were found in MongoDB collection test_collection with pipeline: [{"$match": {"title": "test_title"}}]:#

_id
602e624e8be6cb93eb795695
602e62598be6cb93eb795697
602e62698be6cb93eb795699

Additional Information#


  • a guide on how to use the filter and query argument can be found here
  • a guide on how to use the update argument can be found here

Known Limitations#


The test button is trying to list collections. If the user has no find permission it will fail.