Skip to main content

SafeBreach

This Integration is part of the SafeBreach - Breach and Attack Simulation platform Pack.#

Supported versions

Supported Cortex XSOAR versions: 6.10.0 and later.

For enterprises using SafeBreach and XSOAR, integrating this package streamlines operations by allowing you to operate SafeBreach through XSOAR, making SafeBreach an integral part of the enterprise workflows. This integration includes commands for managing tests, insight indicators, simulators and deployments, users, API keys, integration issues, and more. This integration was integrated and tested with version 2024Q1.4 of Safebreach.

Configure Safebreach in Cortex#

ParameterDescriptionRequired
Server URLThis is base URL for your instance.True
API KeyThis is API key for your instance, this can be created in Safe Breach User Administration -> API keys, it must be saved as there is no way to view it again.True
Account IDThis is account ID of account with which we want to get data from safebreachTrue
Verify SSL CertificateThis Field is useful for checking if the certificate of SSL for HTTPS is valid or notFalse
Use system proxy settingsThis Field is useful for asking integration to use default system proxy settings.False

Commands#

You can execute these commands from the CLI, as part of an automation, or in a playbook. After you successfully execute a command, a DBot message appears in the War Room with the command details.

safebreach-approve-simulator#


This command approves the simulator with the specified simulator_id.

Base Command#

safebreach-approve-simulator

Input#

Argument NameDescriptionRequired
simulator_idID of simulator to approve, in case unsure then please call safebreach-get-all-simulators and search for simulator name.Required

Context Output#

PathTypeDescription
SafeBreach.Simulator.is_enabledStringWhether the simulator is enabled or not.
SafeBreach.Simulator.simulator_idStringThe Id of given simulator.
SafeBreach.Simulator.nameStringname for given simulator.
SafeBreach.Simulator.account_idStringAccount Id of account Hosting given simulator.
SafeBreach.Simulator.is_criticalStringWhether the simulator is critical.
SafeBreach.Simulator.is_exfiltrationStringIf Simulator is exfiltration target.
SafeBreach.Simulator.is_infiltrationStringIf simulator is infiltration target.
SafeBreach.Simulator.is_mail_targetStringIf simulator is mail target.
SafeBreach.Simulator.is_mail_attackerStringIf simulator is mail attacker.
SafeBreach.Simulator.is_pre_executorStringWhether the simulator is pre executor.
SafeBreach.Simulator.is_aws_attackerStringif the given simulator is aws attacker.
SafeBreach.Simulator.is_azure_attackerStringIf the given simulator is azure attacker.
SafeBreach.Simulator.external_ipStringexternal ip of given simulator.
SafeBreach.Simulator.internal_ipStringinternal ip of given simulator.
SafeBreach.Simulator.is_web_application_attackerStringWhether the simulator is Web application attacker.
SafeBreach.Simulator.preferred_interfaceStringPreferred simulator interface.
SafeBreach.Simulator.preferred_ipStringPreferred Ip of simulator.
SafeBreach.Simulator.hostnameStringHostname of given simulator.
SafeBreach.Simulator.connection_typeStringconnection_type of given simulator.
SafeBreach.Simulator.simulator_statusStringstatus of the simulator.
SafeBreach.Simulator.connection_statusStringconnection status of simulator.
SafeBreach.Simulator.simulator_framework_versionStringFramework version of simulator.
SafeBreach.Simulator.operating_system_typeStringoperating system type of given simulator.
SafeBreach.Simulator.operating_systemStringOperating system of given simulator.
SafeBreach.Simulator.execution_hostnameStringExecution Hostname of the given simulator.
SafeBreach.Simulator.deploymentsStringdeployments simulator is part of.
SafeBreach.Simulator.created_atStringCreation datetime of simulator.
SafeBreach.Simulator.updated_atStringUpdate datetime of given simulator.
SafeBreach.Simulator.deleted_atStringdeletion datetime of given simulator.
SafeBreach.Simulator.assetsStringAssets of given simulator.
SafeBreach.Simulator.simulation_usersStringsimulator users list.
SafeBreach.Simulator.proxiesStringProxies of simulator.
SafeBreach.Simulator.advanced_actionsStringAdvanced simulator details.

safebreach-generate-api-key#


This command creates an API key with the name and optionally the description provided. The API key created will be shown on the Settings > API Keys page of SafeBreach Management. Important: The API key generated can be seen only once, so it is recommended to store/save it in a safe place for further use.

Base Command#

safebreach-generate-api-key

Input#

Argument NameDescriptionRequired
name
Name of the API Key to create. This will be the name shown in UI for API key under API keys section
.
Required
description
Description of the API Key to create. This is not a required field but it is recommended to store a
description for easier identification if your use case requires using multiple API keys for multiple tasks.
.
Optional

Context Output#

PathTypeDescription
SafeBreach.API.nameStringThe Name of API Key generated through this command, This will match the input name of the command.
SafeBreach.API.descriptionStringThe Description of API Key created. this will be same as input description given for the command.
SafeBreach.API.created_byStringThe id of user who generated this API key.
SafeBreach.API.created_btStringThe creation date and time of API key.
SafeBreach.API.keyStringThe value of API key generated. store this for further use as this will only be shown once

safebreach-create-deployment#


This command creates a deployment, grouping the list of simulators provided with a name and optionally a description.

Base Command#

safebreach-create-deployment

Input#

Argument NameDescriptionRequired
nameName of the deployment to create. this will be shown as name in deployments page of safebreach.Required
descriptionDescription of the deployment to create. This will show as description of the deployment in your safebreach instance. It is generally preferable to give description while creating a deployment for easier identification.Optional
simulatorsDeployment manages multiple simulators as single group. This parameter receives a comma separated list of IDs of all simulators that should be part of this deployment Simulator ID can be retrieved from safebreach-get-all-simulator-details .Optional

Context Output#

PathTypeDescription
SafeBreach.Deployment.idNumberThe ID of deployment created. this Id can be used to update ,delete deployment as deployment_id field of the deployment.
SafeBreach.Deployment.account_idStringThis field shows account ID of user who has created the account.
SafeBreach.Deployment.nameStringThe name of deployment created. this will be name which will be shown on deployments page of safebreach and name that is given as input to the command.
SafeBreach.Deployment.created_atStringThe creation date and time of deployment , this will be closer to command execution time if the deployment creation is successful.
SafeBreach.Deployment.descriptionStringThe description of the deployment created will be shown in description part of the table in safebreach.
SafeBreach.Deployment.simulatorsStringThe simulators that are part of deployment.

safebreach-create-user#


This command creates a user, including credentials and permissions.

Base Command#

safebreach-create-user

Input#

Argument NameDescriptionRequired
nameName of the user to create.Required
emailEmail of the user to Create.Required
is_activeIf the user will be activated upon creation. Setting this parameter to 'true' active as soon as this command succeeds. Setting to 'false', will require to activate the user by an administrator. Possible values are: true, false. Default is true. Possible values are: true, false. Default is true.Optional
email_post_creationWhether to send an email with login information to a newly crated user. Possible values are: true, false. Default is false. Possible values are: true, false. Default is true.Optional
passwordEnforce password change on user creation. Possible values are: true, false. Default is false.Required
change_password_on_createShould user change password on creation. when this is set to true then user will have to reset password on the next login, this can be used if we want user to reset password as soon as they login. Possible values are: true, false. Default is false.Optional
user_roleRole of the user being created. Possible values are: viewer, administrator, contentDeveloper, operator. Default is viewer. Possible values are: viewer, administrator, contentDeveloper, operator. Default is viewer.Optional
deploymentsComma separated ID of all deployments the user should be part of. The deployment IDs can be retrieved from 'list-deployments' command or from UI directly but care should be noted that only deployment ids of deployments which haven't been deleted will be shown here and after creation of user. for example if 1,2,3 are deployment ids given while creation but if 2 is deleted then when user is created , he will only have 1,3.Optional

Context Output#

PathTypeDescription
SafeBreach.User.idNumberThe ID of User created.
SafeBreach.User.nameStringThe name of User created.
SafeBreach.User.emailStringThe email of User created.
SafeBreach.User.createdAtStringThe creation time of User.
SafeBreach.User.rolesStringThe roles and permissions of User created.
SafeBreach.User.descriptionStringThe description of User if any is given at creation time, it will be populated here.
SafeBreach.User.roleStringThe role assigned to user during creation.
SafeBreach.User.deploymentsStringThe deployments user is part of.

safebreach-delete-api-key#


This command deletes the API key with the name as specified in SafeBreach Management. It is not case sensitive.

Base Command#

safebreach-delete-api-key

Input#

Argument NameDescriptionRequired
key_nameName of the API Key to Delete. This will be used for searching key with given name and then once it matches, that API key will be deleted.Required

Context Output#

PathTypeDescription
SafeBreach.API.nameNumberThe Name of API Key deleted.
SafeBreach.API.descriptionStringDescription of API Key deleted.
SafeBreach.API.created_byStringThe id of user who generated this API key.
SafeBreach.API.created_atStringThe creation time and date of API key.
SafeBreach.API.deleted_atStringThe deletion time and date of API key. The deletion date and time are generally close to the command execution time and date.

safebreach-delete-deployment#


This command deletes a deployment with the deployment_id (retrieved using the get-all-deployments command).

Base Command#

safebreach-delete-deployment

Input#

Argument NameDescriptionRequired
deployment_idID of the deployment to delete. The ID his can be searched with list-deployments command.Required

Context Output#

PathTypeDescription
SafeBreach.Deployment.idNumberThe ID of deployment which has been deleted.
SafeBreach.Deployment.account_idStringThe account Id of user who deleted the deployment.
SafeBreach.Deployment.nameStringThe name of deployment before the deployment was deleted.
SafeBreach.Deployment.created_atStringThe creation date and time of deployment which has been deleted.
SafeBreach.Deployment.descriptionStringThe description of deployment before it was deleted.
SafeBreach.Deployment.simulatorsStringThe simulators that are part of deployment before it was deleted.

safebreach-clear-integration-issues#


This command deletes connector-related errors and warnings for the specified connector_id (retrieved using the get-all-integration-issues command).

Base Command#

safebreach-clear-integration-issues

Input#

Argument NameDescriptionRequired
integration_idThe ID of Integration to have its errors/warnings deleted. Both errors and warnings will be deleted.Required

Context Output#

PathTypeDescription
SafeBreach.Integration.errorNumberError count after deletion of errors for the given Integration.
SafeBreach.Integration.resultStringerror deletion status whether true or false.

safebreach-delete-scheduled-scenarios#


This command deletes the scheduled scenario with the specified schedule_id.

Base Command#

safebreach-delete-scheduled-scenarios

Input#

Argument NameDescriptionRequired
schedule_idschedule ID of scheduled scenario to delete.Required

Context Output#

PathTypeDescription
SafeBreach.Scenario.idStringthe Id of the scheduled scenario.
SafeBreach.Scenario.nameStringthe name of the scheduled scenario.
SafeBreach.Scenario.accountIdStringthe account ID of the scheduled scenario.
SafeBreach.Scenario.descriptionStringthe description of the scheduled scenario.
SafeBreach.Scenario.successCriteriaStringthe success criteria of the scheduled scenario.
SafeBreach.Scenario.originalScenarioIdStringthe original test ID of the scheduled scenario.
SafeBreach.Scenario.systemFilterStringthe systemFilter of the scheduled scenario.
SafeBreach.Scenario.tagsStringthe tags of the scheduled scenario.
SafeBreach.Scenario.createdAtStringthe creation datetime of the scheduled scenario.
SafeBreach.Scenario.updatedAtStringthe updated datetime of the scheduled scenario.

safebreach-delete-simulator#


The provided command facilitates the deletion of a simulator identified by its unique ID.To obtain the respective simulator ID, execute the "safebreach-get-all-simulators" command.

Base Command#

safebreach-delete-simulator

Input#

Argument NameDescriptionRequired
simulator_idId of the simulator we want to delete.Required

Context Output#

PathTypeDescription
SafeBreach.Simulator.is_enabledStringWhether the simulator is enabled or not.
SafeBreach.Simulator.simulator_idStringThe Id of given simulator.
SafeBreach.Simulator.nameStringname for given simulator.
SafeBreach.Simulator.account_idStringAccount Id of account Hosting given simulator.
SafeBreach.Simulator.is_criticalStringWhether the simulator is critical.
SafeBreach.Simulator.is_exfiltrationStringIf Simulator is exfiltration target.
SafeBreach.Simulator.is_infiltrationStringIf simulator is infiltration target.
SafeBreach.Simulator.is_mail_targetStringIf simulator is mail target.
SafeBreach.Simulator.is_mail_attackerStringIf simulator is mail attacker.
SafeBreach.Simulator.is_pre_executorStringWhether the simulator is pre executor.
SafeBreach.Simulator.is_aws_attackerStringif the given simulator is aws attacker.
SafeBreach.Simulator.is_azure_attackerStringIf the given simulator is azure attacker.
SafeBreach.Simulator.external_ipStringexternal ip of given simulator.
SafeBreach.Simulator.internal_ipStringinternal ip of given simulator.
SafeBreach.Simulator.is_web_application_attackerStringWhether the simulator is Web application attacker.
SafeBreach.Simulator.preferred_interfaceStringPreferred simulator interface.
SafeBreach.Simulator.preferred_ipStringPreferred Ip of simulator.
SafeBreach.Simulator.hostnameStringHostname of given simulator.
SafeBreach.Simulator.connection_typeStringconnection_type of given simulator.
SafeBreach.Simulator.simulator_statusStringstatus of the simulator.
SafeBreach.Simulator.connection_statusStringconnection status of simulator.
SafeBreach.Simulator.simulator_framework_versionStringFramework version of simulator.
SafeBreach.Simulator.operating_system_typeStringoperating system type of given simulator.
SafeBreach.Simulator.operating_systemStringOperating system of given simulator.
SafeBreach.Simulator.execution_hostnameStringExecution Hostname of the given simulator.
SafeBreach.Simulator.deploymentsStringdeployments simulator is part of.
SafeBreach.Simulator.created_atStringCreation datetime of simulator.
SafeBreach.Simulator.updated_atStringUpdate datetime of given simulator.
SafeBreach.Simulator.deleted_atStringdeletion datetime of given simulator.
SafeBreach.Simulator.assetsStringAssets of given simulator.
SafeBreach.Simulator.simulation_usersStringsimulator users list.
SafeBreach.Simulator.proxiesStringProxies of simulator.
SafeBreach.Simulator.advanced_actionsStringAdvanced simulator details.

safebreach-delete-test-with-id#


This command deletes tests with given test ID.

Base Command#

safebreach-delete-test-with-id

Input#

Argument NameDescriptionRequired
test_idId of test to be deleted.Required

Context Output#

PathTypeDescription
SafeBreach.Test.scenario_idStringscenario ID of the test.
SafeBreach.Test.simulation_nameStringName of the simulation.
SafeBreach.Test.security_action_per_controlStringSecurity Actions of the simulation.
SafeBreach.Test.test_idStringTest id of the test.
SafeBreach.Test.statusStringstatus of the test.
SafeBreach.Test.planned_simulations_amountStringPlanned simulations count of the test.
SafeBreach.Test.simulator_executionsStringsimulator executions of the test.
SafeBreach.Test.attack_executionsStringlist of attacks that are part of the simulation.
SafeBreach.Test.ran_byStringuser who started the simulation.
SafeBreach.Test.simulator_countStringsimulators count per account.
SafeBreach.Test.end_timeStringEnd Time of the test.
SafeBreach.Test.start_timeStringstart time of the test.
SafeBreach.Test.finalStatus.stoppedStringstopped count of attacks.
SafeBreach.Test.finalStatus.missedStringmissed count of attacks.
SafeBreach.Test.finalStatus.loggedStringlogged count of attacks.
SafeBreach.Test.finalStatus.detectedStringdetected count of attacks.
SafeBreach.Test.finalStatus.preventedStringprevented count of attacks.

safebreach-delete-user#


This command deletes a user with given data.

Base Command#

safebreach-delete-user

Input#

Argument NameDescriptionRequired
user_idID of user to be deleted. The Id can be retrieved by using get-all-users command.Required

Context Output#

PathTypeDescription
SafeBreach.User.idNumberThe ID of User whose data has been deleted.
SafeBreach.User.nameStringThe name of User deleted.
SafeBreach.User.emailStringThe email of User deleted.
SafeBreach.User.createdAtStringthe time at which the user who has been selected has been created
SafeBreach.User.updatedAtStringlast updated time.
SafeBreach.User.deletedAtStringDeletion time of user.
SafeBreach.User.rolesStringThe roles of User before they were deleted.
SafeBreach.User.descriptionStringThe description of User who has been deleted.
SafeBreach.User.roleStringThe roles and permissions of User who has been deleted.
SafeBreach.User.deploymentsStringThe deployments related to user before he was deleted.

safebreach-get-integration-issues#


This command gives all integrations related issues and warning. this will show the integrations error and warnings which are generally displayed in installed integrations page.

Base Command#

safebreach-get-integration-issues

Input#

Argument NameDescriptionRequired
error_typethis will help see issues which are either errors or warnings or both based on the input . Possible values are: , ERROR, WARNING.Optional

Context Output#

PathTypeDescription
SafeBreach.Integration.integration_idNumberThe ID of Integration. A general notation that has been followed here is as follows, if the id has _default at the end then its a default connector else its a custom connector
SafeBreach.Integration.integration_nameStringName of the integration
SafeBreach.Integration.actionStringThe action of Integration error. This describes where exactly did the error occur, if its search,then it implies error/warning happened when connector was trying that process
SafeBreach.Integration.success_stateStringstatus of integration error. This implies whether the connector was able to successfully perform the operation or if it failed partway. So false implies it failed partway and true implies it was successfully completed
SafeBreach.Integration.error_descriptionStringThis is the exact error description shown on safebreach integration error/warning page. This description can be used for understanding of what exactly happened for the integration to fail.
SafeBreach.Integration.timestampStringTime at which error/warning occurred. This can be used to pinpoint error which occurred across integrations if time of origin was remembered

safebreach-get-running-simulations#


This command gets simulations which are in running or queued state.

Base Command#

safebreach-get-running-simulations

Input#

Argument NameDescriptionRequired

Context Output#

PathTypeDescription
SafeBreach.Test.test idStringthis is test ID of the simulation.
SafeBreach.Test.simulation_idStringthe simulation id of the simulation.
SafeBreach.Test.attack_idStringthe attack ID of the simulation.

safebreach-get-running-tests#


This command gets tests which are in running state.

Base Command#

safebreach-get-running-tests

Input#

Argument NameDescriptionRequired

Context Output#

PathTypeDescription
SafeBreach.Test.idNumberId of Actively running test.
SafeBreach.Test.nameStringName of the test being run.
SafeBreach.Test.descriptionStringDetails related to the test being run.
SafeBreach.Test.success_criteriaStringsuccess criterion for the test.
SafeBreach.Test.original_scenario_idStringOriginal scenario ID of the running test
SafeBreach.Test.actions_countStringnumber of actions
SafeBreach.Test.edges_countStringnumber of edges.
SafeBreach.Test.created_atStringdetails related to when test is created.
SafeBreach.Test.updated_atStringdetails related to when test is last updated/changed
SafeBreach.Test.steps_countStringnumber of steps in simulator.
SafeBreach.Test.scenario_idStringscenario_id of the test.
SafeBreach.Test.original_scenario_idStringscenario_id for reference.
SafeBreach.Test.ran_byStringUser who ran the scenario.
SafeBreach.Test.ran_fromStringWhere the test ran from.
SafeBreach.Test.test_idStringtest id of the test.
SafeBreach.Test.priorityStringpriority of tests.
SafeBreach.Test.retry_simulationsStringShould simulations be retried
SafeBreach.Test.pause_durationStringis the test paused and if so till when
SafeBreach.Test.paused_dateStringwhen the test is paused
SafeBreach.Test.expected_simulations_amountStringnumber of simulations expected
SafeBreach.Test.dispatched_simulations_amountStringthe number of simulations dispatched
SafeBreach.Test.skipped_simulations_amountStringThe number of simulations skipped
SafeBreach.Test.failed_simulations_amountStringThe number of simulations failed

safebreach-get-available-simulator-details#


This command to get all available simulators. if details is set to true then it retrieves simulator details like name, hostname, internal and external ips, types of targets and attacker configurations this simulator is associated with etc. if its set to false then it retrieves just name, id, simulation users, proxies etc. if deleted is set to true then it retrieves the data which has been deleted.

Base Command#

safebreach-get-available-simulator-details

Input#

Argument NameDescriptionRequired
hostnameif hostname to be included for search.Optional
external_ipif external IP details to be included for search.Optional
internal_ipif Internal IP are to be included for search.Optional
osoperating system name to filter with, Eg: LINUX,WINDOWS etc, incase nothing is selected then this will be set as empty which means all are retrieved. Possible values are: , LINUX, MAC, WINDOWS.Optional
is_enabledif to search only enabled ones. Possible values are: true, false.Optional
is_connectedstatus of connection of simulators to search. Possible values are: true, false.Optional
is_criticalwhether to search only for critical simulators or not. Possible values are: true, false.Optional
additional_detailsWhether to show additional details or not. Possible values are: true, false.Optional
statusif simulator status are to be included for search. Possible values are: APPROVED, PENDING, ALL. Default is ALL.Optional

Context Output#

PathTypeDescription
SafeBreach.Simulator.is_enabledStringWhether the simulator is enabled or not.
SafeBreach.Simulator.simulator_idStringThe Id of given simulator.
SafeBreach.Simulator.nameStringname for given simulator.
SafeBreach.Simulator.account_idStringAccount Id of account Hosting given simulator.
SafeBreach.Simulator.is_criticalStringWhether the simulator is critical.
SafeBreach.Simulator.is_exfiltrationStringIf Simulator is exfiltration target.
SafeBreach.Simulator.is_infiltrationStringIf simulator is infiltration target.
SafeBreach.Simulator.is_mail_targetStringIf simulator is mail target.
SafeBreach.Simulator.is_mail_attackerStringIf simulator is mail attacker.
SafeBreach.Simulator.is_pre_executorStringWhether the simulator is pre executor.
SafeBreach.Simulator.is_aws_attackerStringif the given simulator is aws attacker.
SafeBreach.Simulator.is_azure_attackerStringIf the given simulator is azure attacker.
SafeBreach.Simulator.external_ipStringexternal ip of given simulator.
SafeBreach.Simulator.internal_ipStringinternal ip of given simulator.
SafeBreach.Simulator.is_web_application_attackerStringWhether the simulator is Web application attacker.
SafeBreach.Simulator.preferred_interfaceStringPreferred simulator interface.
SafeBreach.Simulator.preferred_ipStringPreferred Ip of simulator.
SafeBreach.Simulator.hostnameStringHostname of given simulator.
SafeBreach.Simulator.connection_typeStringconnection_type of given simulator.
SafeBreach.Simulator.simulator_statusStringstatus of the simulator.
SafeBreach.Simulator.connection_statusStringconnection status of simulator.
SafeBreach.Simulator.simulator_framework_versionStringFramework version of simulator.
SafeBreach.Simulator.operating_system_typeStringoperating system type of given simulator.
SafeBreach.Simulator.operating_systemStringOperating system of given simulator.
SafeBreach.Simulator.execution_hostnameStringExecution Hostname of the given simulator.
SafeBreach.Simulator.deploymentsStringdeployments simulator is part of.
SafeBreach.Simulator.created_atStringCreation datetime of simulator.
SafeBreach.Simulator.updated_atStringUpdate datetime of given simulator.
SafeBreach.Simulator.deleted_atStringdeletion datetime of given simulator.
SafeBreach.Simulator.assetsStringAssets of given simulator.
SafeBreach.Simulator.simulation_usersStringsimulator users list.
SafeBreach.Simulator.proxiesStringProxies of simulator.
SafeBreach.Simulator.advanced_actionsStringAdvanced simulator details.

safebreach-get-tests#


This command gets tests with given modifiers.

Base Command#

safebreach-get-tests

Input#

Argument NameDescriptionRequired

Context Output#

PathTypeDescription
SafeBreach.Test.scenario_idStringscenario ID of the test.
SafeBreach.Test.simulation_nameStringName of the simulation.
SafeBreach.Test.security_action_per_controlStringSecurity Actions of the simulation.
SafeBreach.Test.test_idStringTest id of the test.
SafeBreach.Test.statusStringstatus of the test.
SafeBreach.Test.planned_simulations_amountStringPlanned simulations count of the test.
SafeBreach.Test.simulator_executionsStringsimulator executions of the test.
SafeBreach.Test.attack_executionsStringlist of attacks that are part of the simulation.
SafeBreach.Test.ran_byStringuser who started the simulation.
SafeBreach.Test.simulator_countStringsimulators count per account.
SafeBreach.Test.end_timeStringEnd Time of the test.
SafeBreach.Test.start_timeStringstart time of the test.
SafeBreach.Test.finalStatus.stoppedStringstopped count of attacks.
SafeBreach.Test.finalStatus.missedStringmissed count of attacks.
SafeBreach.Test.finalStatus.loggedStringlogged count of attacks.
SafeBreach.Test.finalStatus.detectedStringdetected count of attacks.
SafeBreach.Test.finalStatus.preventedStringprevented count of attacks.

safebreach-get-tests-with-scenario-id#


This command gets tests with given scenario ID as part of it.

Base Command#

safebreach-get-tests-with-scenario-id

Input#

Argument NameDescriptionRequired
scenario_idScenario Id for test which has to be filtered. this can be found on UI, if unsure about this then please run safebreach-get-tests instead of this with same parameters as inputs.Required

Context Output#

PathTypeDescription
SafeBreach.Test.scenario_idStringscenario ID of the test.
SafeBreach.Test.simulation_nameStringName of the simulation.
SafeBreach.Test.security_action_per_controlStringSecurity Actions of the simulation.
SafeBreach.Test.test_idStringTest id of the test.
SafeBreach.Test.statusStringstatus of the test.
SafeBreach.Test.planned_simulations_amountStringPlanned simulations count of the test.
SafeBreach.Test.simulator_executionsStringsimulator executions of the test.
SafeBreach.Test.attack_executionsStringlist of attacks that are part of the simulation.
SafeBreach.Test.ran_byStringuser who started the simulation.
SafeBreach.Test.simulator_countStringsimulators count per account.
SafeBreach.Test.end_timeStringEnd Time of the test.
SafeBreach.Test.start_timeStringstart time of the test.
SafeBreach.Test.finalStatus.stoppedStringstopped count of attacks.
SafeBreach.Test.finalStatus.missedStringmissed count of attacks.
SafeBreach.Test.finalStatus.loggedStringlogged count of attacks.
SafeBreach.Test.finalStatus.detectedStringdetected count of attacks.
SafeBreach.Test.finalStatus.preventedStringprevented count of attacks.

safebreach-get-all-users#


This command gives all users who are not deleted.

Base Command#

safebreach-get-all-users

Input#

Argument NameDescriptionRequired

Context Output#

PathTypeDescription
SafeBreach.User.idNumberThe ID of User retrieved. this can be used to further link this user with user_id field of safebreach-update-user or safebreach-delete-user commands
SafeBreach.User.nameStringThe name of User retrieved.
SafeBreach.User.emailStringThe email of User retrieved. this can be used for updating user or deleting user for input email of commands safebreach-update-user or safebreach-delete-user

safebreach-get-custom-scenarios#


This command retrieves scenarios which are saved by user as custom scenarios. they generally have configurations and everything set up and will be ready to run as tests

Base Command#

safebreach-get-custom-scenarios

Input#

Argument NameDescriptionRequired
schedule_detailsDetails of custom scenarios (My scenarios). Possible values are: false, true. Default is true. Possible values are: false, true. Default is true.Optional

Context Output#

PathTypeDescription
SafeBreach.Scenario.idStringthe Id of scenario.
SafeBreach.Scenario.nameStringthe name of the scenario.
SafeBreach.Scenario.descriptionStringthe description of the scenario.
SafeBreach.Scenario.success_criteriaStringsuccess criteria the scenario.
SafeBreach.Scenario.original_scenario_idStringoriginal scenario id of scenario.
SafeBreach.Scenario.actions_listStringactions list of the scenario.
SafeBreach.Scenario.edges_countStringedges_count for the scenario.
SafeBreach.Scenario.steps_orderStringthe order of steps of the scenario.
SafeBreach.Scenario.created_atStringthe creation datetime of the scenario.
SafeBreach.Scenario.updated_atStringthe last updated time the scenario.

safebreach-list-deployments#


This command gets all deployments present for this instance.

Base Command#

safebreach-list-deployments

Input#

Argument NameDescriptionRequired

Context Output#

PathTypeDescription
SafeBreach.Deployment.idNumberThe ID of deployment
SafeBreach.Deployment.account_idStringThe accountId of user who created the deployment.
SafeBreach.Deployment.nameStringThe name of deployment. this will be the name shown in deployment name field of table in deployments page in safebreach UI
SafeBreach.Deployment.created_atStringThe creation date and time of deployment.
SafeBreach.Deployment.updated_atStringThe last updated date and time of deployment.
SafeBreach.Deployment.descriptionStringThis is description field of deployments table of safebreach UI
SafeBreach.Deployment.simulatorsStringThe simulators that are part of deployment.

safebreach-get-indicators#


This command fetches SafeBreach Insights from which indicators are extracted, creating new indicators or updating existing indicators.

Base Command#

safebreach-get-indicators

Input#

Argument NameDescriptionRequired
test_idTest ID of the insight.Required
limitThe maximum number of indicators to generate. The default is 1000.Optional
insightCategoryMulti-select option for the category of the insights to get remediation data for:Network Access, Network Inspection, Endpoint, Email, Web, Data Leak.Optional
insightDataTypeMulti-select option for the remediation data type to get: Hash, Domain, URI, Command, Port, Protocol, Registry.Optional
behavioralReputationSelect option for the category of behavioral reputation.Optional
nonBehavioralReputationSelect option for the category of non-behavioral reputation.Optional

Context Output#

PathTypeDescription
SafeBreach.Indicator.valueStringThe value of the indicator
SafeBreach.Indicator.typeStringThe type of the indicator
SafeBreach.Indicator.rawJSON.dataTypeStringThe data type of the indicator
SafeBreach.Indicator.rawJSON.insightTimeStringThe time of the insight
SafeBreach.Indicator.rawJSON.valueStringThe data type value of the indicator
SafeBreach.Indicator.fields.descriptionStringThe description of the indicator
SafeBreach.Indicator.fields.safebreachseverityStringThe severity of the indicator
SafeBreach.Indicator.fields.safebreachseverityscoreStringThe severity score of the indicator
SafeBreach.Indicator.fields.safebreachisbehavioralBooleanThe behavioral of the indicator
SafeBreach.Indicator.fields.safebreachattackidsUnknownThe attack ids of the indicator
SafeBreach.Indicator.fields.portStringThe port of the indicator
SafeBreach.Indicator.fields.tagsStringThe tags of the indicator
SafeBreach.Indicator.scoreNumberThe score of the indicator

safebreach-get-simulator-download-links#


This command gets a list of links for download (item per operating system) for the latest available version.

Base Command#

safebreach-get-simulator-download-links

Input#

Argument NameDescriptionRequired

Context Output#

PathTypeDescription
SafeBreach.Installation.md5StringThe MD5 generated from the contents of the file
SafeBreach.Installation.osStringThe operating system for which the update is intended
SafeBreach.Installation.sha1StringThe sha1 generated from the contents of the file.
SafeBreach.Installation.sha256StringThe sha256 generated from the contents of the file.
SafeBreach.Installation.sha512StringThe sha512 generated from the contents of the file.
SafeBreach.Installation.sha512StringThe sha512 generated from the contents of the file.
SafeBreach.Installation.urlStringThe URL from which update can be downloaded.
SafeBreach.Installation.versionStringThis indicates the simulator version.

safebreach-get-prebuilt-scenarios#


This command gets scenarios which are built by safebreach. They will be available by default even in new instance of your safebreach instance. They can be modified and saved as custom scenarios or used as it is.

Base Command#

safebreach-get-prebuilt-scenarios

Input#

Argument NameDescriptionRequired

Context Output#

PathTypeDescription
SafeBreach.Scenario.idStringthe Id of scenario.
SafeBreach.Scenario.nameStringhe name of the scenario.
SafeBreach.Scenario.descriptionStringthe description of the scenario.
SafeBreach.Scenario.created_byStringuser id of user, who created the scenario.
SafeBreach.Scenario.created_atStringcreation datetime of scenario.
SafeBreach.Scenario.updated_atStringthe update datetime of the scenario.
SafeBreach.Scenario.recommendedStringthe recommendation status of the scenario.
SafeBreach.Scenario.tags_listStringthe tags related to the scenario.
SafeBreach.Scenario.categoriesStringthe category ids of the scenario.
SafeBreach.Scenario.steps_orderStringthe order of steps involved in the scenario.
SafeBreach.Scenario.orderStringthe order of execution related to the scenario.
SafeBreach.Scenario.min_api_verStringthe minimum version of API required for scenario to be executed

safebreach-get-scheduled-scenarios#


This command retrieves schedules from safebreach which user has set and they will display it to user. By default Name is not shown, to retrieve and see it, please run 'safebreach-get-custom-scenarios' command to find name of scenario to which the schedule is associated with.

Base Command#

safebreach-get-scheduled-scenarios

Input#

Argument NameDescriptionRequired

Context Output#

PathTypeDescription
SafeBreach.Schedules.idStringthe Id of the schedule.
SafeBreach.Schedules.is_enabledBooleanif simulation is enabled.
SafeBreach.Schedules.user_scheduleStringthe user readable form of the schedule.
SafeBreach.Schedules.run_dateStringthe run date of the schedule.
SafeBreach.Schedules.cron_timezoneStringthe time zone of the schedule.
SafeBreach.Schedules.descriptionStringthe description of the schedule.
SafeBreach.Schedules.scenario_idStringthe matrix ID of the schedule.
SafeBreach.Schedules.created_atStringthe creation datetime of the schedule.
SafeBreach.Schedules.updated_atStringthe updated datetime of the schedule.
SafeBreach.Schedules.deleted_atStringthe deletion time of the schedule.

safebreach-get-services-status#


This command facilitates the retrieval of service statuses from SafeBreach,presenting them to the user in a tabular format. In the event that services are inactive,pertinent details regarding their downtime or last operational status are also displayed.

Base Command#

safebreach-get-services-status

Input#

Argument NameDescriptionRequired

Context Output#

PathTypeDescription
SafeBreach.Service.nameStringthe name of the service.
SafeBreach.Service.versionStringversion of the service.
SafeBreach.Service.connection statusStringconnection status of service.
SafeBreach.Service.errorStringerror status of service.

safebreach-get-simulations#


This command facilitates the retrieval of simulations and their associated data for a specified test. It can be used as a precursor command for the rerun-simulations command, streamlining the process of queuing simulations. It's important to note that this command currently lacks pagination limiters, potentially resulting in the retrieval of a large volume of data.

Base Command#

safebreach-get-simulations

Input#

Argument NameDescriptionRequired
test_idThis is ID of the test whose simulations will be retrieved.Optional

Context Output#

PathTypeDescription
SafeBreach.Simulation.simulation_idStringthe id of the simulation.
SafeBreach.Simulation.attacker_node_nameStringName of attacker node of simulation.
SafeBreach.Simulation.target_node_nameStringname of target of simulation.
SafeBreach.Simulation.dest_node_nameStringname of destination of simulation.
SafeBreach.Simulation.attack_nameStringname of attack
SafeBreach.Simulation.attacks_involvedStringattack types involved in of simulation.
SafeBreach.Simulation.result_detailsStringresult of simulation.
SafeBreach.Simulation.security_actionStringsecurity status as per the simulation.
SafeBreach.Simulation.attack_descriptionStringattack details.

safebreach-get-available-simulator-count#


This command gives all details related to account, we are using this to find assigned simulator quota.

Base Command#

safebreach-get-available-simulator-count

Input#

Argument NameDescriptionRequired

Context Output#

PathTypeDescription
SafeBreach.Account.idNumberThe account ID which is being used by integration.
SafeBreach.Account.nameStringThe Account Name of account being queried.
SafeBreach.Account.contact_nameStringContact name for given account.
SafeBreach.Account.contact_emailStringEmail of the contact person.
SafeBreach.Account.user_quotaStringUser Quota for the given account, maximum users which are allowed for the account.
SafeBreach.Account.simulators_quotaNumberThe simulator quota for the given account. The maximum number of simulators which are available for the account.
SafeBreach.Account.registration_dateNumberThe registration date of given account.
SafeBreach.Account.activation_dateStringThe Activation date of given account.
SafeBreach.Account.expiration_dateStringAccount expiration date.

safebreach-get-simulator-with-id#


This command gives simulator with given id

Base Command#

safebreach-get-simulator-with-id

Input#

Argument NameDescriptionRequired
simulator_idsimulator id.Required

Context Output#

PathTypeDescription
SafeBreach.Simulator.is_enabledStringWhether the simulator is enabled or not.
SafeBreach.Simulator.simulator_idStringThe Id of given simulator.
SafeBreach.Simulator.nameStringname for given simulator.
SafeBreach.Simulator.account_idStringAccount Id of account Hosting given simulator.
SafeBreach.Simulator.is_criticalStringWhether the simulator is critical.
SafeBreach.Simulator.is_exfiltrationStringIf Simulator is exfiltration target.
SafeBreach.Simulator.is_infiltrationStringIf simulator is infiltration target.
SafeBreach.Simulator.is_mail_targetStringIf simulator is mail target.
SafeBreach.Simulator.is_mail_attackerStringIf simulator is mail attacker.
SafeBreach.Simulator.is_pre_executorStringWhether the simulator is pre executor.
SafeBreach.Simulator.is_aws_attackerStringif the given simulator is aws attacker.
SafeBreach.Simulator.is_azure_attackerStringIf the given simulator is azure attacker.
SafeBreach.Simulator.external_ipStringexternal ip of given simulator.
SafeBreach.Simulator.internal_ipStringinternal ip of given simulator.
SafeBreach.Simulator.is_web_application_attackerStringWhether the simulator is Web application attacker.
SafeBreach.Simulator.preferred_interfaceStringPreferred simulator interface.
SafeBreach.Simulator.preferred_ipStringPreferred Ip of simulator.
SafeBreach.Simulator.hostnameStringHostname of given simulator.
SafeBreach.Simulator.connection_typeStringconnection_type of given simulator.
SafeBreach.Simulator.simulator_statusStringstatus of the simulator.
SafeBreach.Simulator.connection_statusStringconnection status of simulator.
SafeBreach.Simulator.simulator_framework_versionStringFramework version of simulator.
SafeBreach.Simulator.operating_system_typeStringoperating system type of given simulator.
SafeBreach.Simulator.operating_systemStringOperating system of given simulator.
SafeBreach.Simulator.execution_hostnameStringExecution Hostname of the given simulator.
SafeBreach.Simulator.deploymentsStringdeployments simulator is part of.
SafeBreach.Simulator.created_atStringCreation datetime of simulator.
SafeBreach.Simulator.updated_atStringUpdate datetime of given simulator.
SafeBreach.Simulator.deleted_atStringdeletion datetime of given simulator.
SafeBreach.Simulator.assetsStringAssets of given simulator.
SafeBreach.Simulator.simulation_usersStringsimulator users list.
SafeBreach.Simulator.proxiesStringProxies of simulator.
SafeBreach.Simulator.advanced_actionsStringAdvanced simulator details.

safebreach-get-simulators-versions-list#


This command fetches the list of SafeBreach simulators

Base Command#

safebreach-get-simulators-versions-list

Input#

Argument NameDescriptionRequired

Context Output#

PathTypeDescription
SafeBreach.Simulator.idStringSimulator Id
SafeBreach.Simulator.lastUpdateDateStringSimulator last updated data
SafeBreach.Simulator.lastUpdateStatusStringSimulator last updated status
SafeBreach.Simulator.currentStatusStringSimulator current status
SafeBreach.Simulator.availableVersionsUnknownSimulator available versions

safebreach-get-user-with-matching-name-or-email#


The command retrieves users based on the provided inputs. If an email is provided, it returns the user associated with that email, as email is a unique identifierIf a name is provided, exact name matching is required to ensure accurate retrieval of a single user;otherwise, multiple users may be returned. It's essential to note that either a name or an email must be populated as input;failure to provide either results in an error.

Base Command#

safebreach-get-user-with-matching-name-or-email

Input#

Argument NameDescriptionRequired
nameName of the user. Partial match is supported.Optional
emailEmail of the user. Exact match required.Optional

Context Output#

PathTypeDescription
SafeBreach.User.idNumberThe ID of User retrieved. this can be used to further link this user with user_id field of safebreach-update-user or safebreach-delete-user commands
SafeBreach.User.nameStringThe name of User retrieved.
SafeBreach.User.emailStringThe email of User retrieved. this can be used for updating user or deleting user for input email of commands safebreach-update-user or safebreach-delete-user

safebreach-get-verification-token#


This command retrieves existing verification token needed for verification of the simulators.

Base Command#

safebreach-get-verification-token

Input#

Argument NameDescriptionRequired

Context Output#

PathTypeDescription
SafeBreach.Token.tokenStringthe value of new verification token.

safebreach-pause/resume-simulations-tests#


This command gets simulations/tests which are in running or queued state and pauses/resumes them based on input selected. The state selected will be applied for all running/queued state tasks whether they are simulations/tests.

Base Command#

safebreach-pause/resume-simulations-tests

Input#

Argument NameDescriptionRequired
simulation_or_test_stateState of tests/simulators to set to:
1. pause will set all simulations/tests which are in queue/running to paused stated and resume all will be the state of button in running simulations page.
2. resume will queue all simulations/tests and will set them to running/queued depending on priority.
Note that this doe not affect the schedules and scheduled tasks unless they are running or active at the moment of execution of the command. Possible values are: resume, pause.
Required

Context Output#

PathTypeDescription
SafeBreach.Test.statusStringthe status of the simulations/tests.

safebreach-rerun-simulation#


this commands puts given simulation ids into queue for running.

Base Command#

safebreach-rerun-simulation

Input#

Argument NameDescriptionRequired
simulation_idsids of simulation we want to queue, please give ids of simulations as comma separated numbers.Required
test_nametest name for the given test.Required

Context Output#

PathTypeDescription
SafeBreach.Simulation.idStringthe Id of simulation.
SafeBreach.Simulation.nameStringthe name of the simulation.
SafeBreach.Simulation.descriptionStringthe description of the simulation.
SafeBreach.Simulation.success_criteriaStringsuccess criteria the simulation.
SafeBreach.Simulation.original_scenario_idStringoriginal simulation id of simulation.
SafeBreach.Simulation.actions_listStringactions list of the simulation.
SafeBreach.Simulation.steps_orderStringthe order of steps of the simulation.
SafeBreach.Simulation.createdAtStringthe creation datetime of the simulation.
SafeBreach.Simulation.updatedAtStringthe last updated time the simulation.

safebreach-rerun-test#


This command puts given test data in queue for execution.

Base Command#

safebreach-rerun-test

Input#

Argument NameDescriptionRequired
test_idtest id for the given test, this is be test id field from get-all-tests-summary command.Required
test_nametest name for the given test.Required

Context Output#

PathTypeDescription
SafeBreach.Test.idStringthe Id of test.
SafeBreach.Test.nameStringthe name of the test.
SafeBreach.Test.descriptionStringthe description of the test.
SafeBreach.Test.success_criteriaStringsuccess criteria the test.
SafeBreach.Test.original_scenario_idStringoriginal scenario id of test.
SafeBreach.Test.actions_listStringactions list of the test.
SafeBreach.Test.edges_countStringedges_count for the test.
SafeBreach.Test.steps_orderStringthe order of steps of the test.
SafeBreach.Test.created_atStringthe creation datetime of the test.
SafeBreach.Test.updated_atStringthe last updated time the test.
SafeBreach.Test.scenario_idStringthe test id of the test.
SafeBreach.Test.ran_byStringthe user id of the user who ran the test.
SafeBreach.Test.ran_fromStringwhere the user ran the test from.
SafeBreach.Test.enable_feedback_loopStringfeedback loop status of the test.
SafeBreach.Test.test_idStringtest_id of the test.
SafeBreach.Test.priorityStringpriority of the test.
SafeBreach.Test.retry_simulationsStringretry status of the test.

safebreach-rotate-verification-token#


This command rotates generated verification token meaning it creates a new token which will be used for verification of simulator and adding the simulator.

Base Command#

safebreach-rotate-verification-token

Input#

Argument NameDescriptionRequired

Context Output#

PathTypeDescription
SafeBreach.Token.new_tokenStringNew token which has been generated due to the API call

safebreach-update-deployment#


This command updates a deployment with given data. The deployment_id field of this command can be retrieved from 'safebreach-list-deployments' command. If the user wants to search with deployment ID then they can search it

Base Command#

safebreach-update-deployment

Input#

Argument NameDescriptionRequired
deployment_idID of the deployment to update. Can be searched with list-deployments command.Required
updated_simulators_for_deploymentComma separated ID of all simulators to be part of the deployment Simulators can be retrieved by calling get-all-available-simulator-details command.Optional
updated_deployment_nameDeployment name.Optional
updated_deployment_descriptionDeployment description.Optional

Context Output#

PathTypeDescription
SafeBreach.Deployment.idNumberThe ID of deployment whose values have been updated. ID cant be changed so this wont be updated.
SafeBreach.Deployment.account_idStringThe accountId of user who created the deployment.
SafeBreach.Deployment.nameStringThe name of deployment which has been updated to the name given in updated_deployment_name. this will be the name shown in deployment name field of table in deployments page in safebreach UI
SafeBreach.Deployment.created_atStringThe creation date and time of deployment whose data has been updated.
SafeBreach.Deployment.updated_atStringThe last updated date and time of deployment whose data has been updated. This will generally be closer to the update deployment command run time for reference
SafeBreach.Deployment.descriptionStringThe updated description of deployment which is provided in updated_deployment_description field of input . This will now be the description which is shown in description field of deployments table of safebreach UI
SafeBreach.Deployment.simulatorsStringThe simulators that are part of deployment. unless any simulators are given as input this field won't be updated this field doesn't reflect changes if simulators given as input are deleted

safebreach-update-simulator#


This command updates simulator with given id. the given inputs for update fields will be updated to the selected filed values will be updated to given value.

Base Command#

safebreach-update-simulator

Input#

Argument NameDescriptionRequired
simulator_idSimulator ID.Required
connection_urlThe given value will be set as connection string, meaning this can be used to connect to this URL.Optional
cloud_proxy_urlthe given value will be set as cloud proxy url.Optional
nameThe given value will be set as name of simulator. This will be the name of simulator once the command runs.Optional
preferred_interfacethe given value will be set as preferred interface.Optional
preferred_ipthe given value will be set as Preferred IP to connect to the simulator.Optional
tunnelthe given value will be set as tunnel.Optional

Context Output#

PathTypeDescription
SafeBreach.Simulator.is_enabledStringWhether the simulator is enabled or not.
SafeBreach.Simulator.simulator_idStringThe Id of given simulator.
SafeBreach.Simulator.nameStringname for given simulator.
SafeBreach.Simulator.account_idStringAccount Id of account Hosting given simulator.
SafeBreach.Simulator.is_criticalStringWhether the simulator is critical.
SafeBreach.Simulator.is_exfiltrationStringIf Simulator is exfiltration target.
SafeBreach.Simulator.is_infiltrationStringIf simulator is infiltration target.
SafeBreach.Simulator.is_mail_targetStringIf simulator is mail target.
SafeBreach.Simulator.is_mail_attackerStringIf simulator is mail attacker.
SafeBreach.Simulator.is_pre_executorStringWhether the simulator is pre executor.
SafeBreach.Simulator.is_aws_attackerStringif the given simulator is aws attacker.
SafeBreach.Simulator.is_azure_attackerStringIf the given simulator is azure attacker.
SafeBreach.Simulator.external_ipStringexternal ip of given simulator.
SafeBreach.Simulator.internal_ipStringinternal ip of given simulator.
SafeBreach.Simulator.is_web_application_attackerStringWhether the simulator is Web application attacker.
SafeBreach.Simulator.preferred_interfaceStringPreferred simulator interface.
SafeBreach.Simulator.preferred_ipStringPreferred Ip of simulator.
SafeBreach.Simulator.hostnameStringHostname of given simulator.
SafeBreach.Simulator.connection_typeStringconnection_type of given simulator.
SafeBreach.Simulator.simulator_statusStringstatus of the simulator.
SafeBreach.Simulator.connection_statusStringconnection status of simulator.
SafeBreach.Simulator.simulator_framework_versionStringFramework version of simulator.
SafeBreach.Simulator.operating_system_typeStringoperating system type of given simulator.
SafeBreach.Simulator.operating_systemStringOperating system of given simulator.
SafeBreach.Simulator.execution_hostnameStringExecution Hostname of the given simulator.
SafeBreach.Simulator.deploymentsStringdeployments simulator is part of.
SafeBreach.Simulator.created_atStringCreation datetime of simulator.
SafeBreach.Simulator.updated_atStringUpdate datetime of given simulator.
SafeBreach.Simulator.deleted_atStringdeletion datetime of given simulator.
SafeBreach.Simulator.assetsStringAssets of given simulator.
SafeBreach.Simulator.simulation_usersStringsimulator users list.
SafeBreach.Simulator.proxiesStringProxies of simulator.
SafeBreach.Simulator.advanced_actionsStringAdvanced simulator details.

safebreach-upgrade-simulator#


This command updates the simulator using the Simulator ID and available version.

Base Command#

safebreach-upgrade-simulator

Input#

Argument NameDescriptionRequired
simulator_idSimulator ID.Required
simulator_versionThe version should be in the format of the safebreach-get-simulators-versions-list command and that 'latest' can be used. The default is the latest.Required

Context Output#

PathTypeDescription
SafeBreach.Simulator.nodeIdStringSimulator ID
SafeBreach.Simulator.statusStringSimulator status

safebreach-update-user#


This command updates a user with given data.

Base Command#

safebreach-update-user

Input#

Argument NameDescriptionRequired
user_iduser ID of user from safebreach to search.Required
nameUpdate the user name to given value of this field.Optional
user_descriptionUpdate the user Description to given value in this field.Optional
is_activeUpdate the user Status based on the input, if this is set to false then user will be deactivated. unless this field is left empty, whatever is present here will be updated to user details. user will be selected based on user_id field mentioned above. Possible values are: true, false, .Optional
passwordPassword of user to be updated with. this will be used for changing password for user. unless this field is left empty, whatever is present here will be updated to user details. user will be selected based on user_id field mentioned above.Optional
user_roleRole of the user to be changed to. unless you want to change the user role and permissions, dont select anything in this field, user will be selected based on user_id field mentioned above. Possible values are: viewer, administrator, contentDeveloper, operator.Optional
deploymentsComma separated ID of all deployments the user should be part of. unless this field is left empty, whatever is present here will be updated to user details.incase there are old deployments assigned to user then please include them too, else they will be replaced with new values.User will be selected based on user_id field mentioned above.Optional

Context Output#

PathTypeDescription
SafeBreach.User.idNumberThe ID of User whose data has been updated.
SafeBreach.User.nameStringThe name of User after running the update command according to safebreach records.
SafeBreach.User.emailStringthe email of the user whose data has been updated by the command.
SafeBreach.User.createdAtStringthe time at which the user who has been selected has been created
SafeBreach.User.updatedAtStringThe last updated time of User selected for update. this will be the execution time for the command or close to it.
SafeBreach.User.deletedAtStringThe Deletion time of User selected to update. Generally this is empty unless user chosen to update is a deleted user
SafeBreach.User.rolesStringThe roles of User updated. these will change if role has been updated during updating user details else they will be same as pre update.
SafeBreach.User.descriptionStringThe description of User after updating user, if description field has been given any new value during update then its updated else this will be left unchanged from previous value.
SafeBreach.User.roleStringThe roles and permissions related to user who has been selected for update.unless this field has been given a value , this will not be updated and will stay the same as previous value.
SafeBreach.User.deploymentsStringThe deployments related to user, this will be comma separated values of deployment IDs