Skip to main content

Safewalk Reports

Supported versions

Supported Cortex XSOAR versions: 6.0.0 and later.

Safewalk server integration This integration was integrated and tested with version 3 of SafewalkReports

Configure SafewalkReports on Cortex XSOAR#

  1. Navigate to Settings > Integrations > Servers & Services.

  2. Search for SafewalkReports.

  3. Click Add instance to create and configure a new integration instance.

    ParameterDescriptionRequired
    Server URL (e.g. https://soar.monstersofhack.com)True
    Fetch incidentsFalse
    Incident typeFalse
    API KeyTrue
    Trust any certificate (not secure)False
    Use system proxy settingsFalse
    Fetch indicatorsFalse
    Incidents Fetch IntervalFalse
    False
    False
    False
    Indicator ReputationIndicators from this integration instance will be marked with this reputationFalse
    Source ReliabilityReliability of the source providing the intelligence dataTrue
    False
    False
    Feed Fetch IntervalFalse
    Bypass exclusion listWhen selected, the exclusion list is ignored for indicators from this feed. This means that if an indicator from this feed is on the exclusion list, the indicator might still be added to the system.False
    TagsSupports CSV values.False
    Traffic Light Protocol ColorThe Traffic Light Protocol (TLP) designation to apply to indicators fetched from the feedFalse
  4. Click Test to validate the URLs, token, and connection.

Commands#

You can execute these commands from the Cortex XSOAR CLI, as part of an automation, or in a playbook. After you successfully execute a command, a DBot message appears in the War Room with the command details.

safewalk-get-associated-users#


safewalk-get-associated-users

Base Command#

safewalk-get-associated-users

Input#

Argument NameDescriptionRequired
devicetypedevicetype.Optional

Context Output#

PathTypeDescription
Safewalk.reports.associated_users.data.idStringusers data id
Safewalk.reports.associated_users.data.labelStringusers data label

Human Readable Output#

safewalk-get-authentication-methods-distribution#


safewalk-get-authentication-methods-distribution

Base Command#

safewalk-get-authentication-methods-distribution

Input#

Argument NameDescriptionRequired

Context Output#

PathTypeDescription
Safewalk.reports.device_auth_distribution.data.idStringdevice_auth_distribution.data.id
Safewalk.reports.device_auth_distribution.data.labelStringdevice_auth_distribution.data.label
Safewalk.reports.device_auth_distribution.data.typeStringdevice_auth_distribution.data.type
Safewalk.reports.device_auth_distribution.dataNumberdevice_auth_distribution.data

Human Readable Output#

safewalk-get-authentication-rate-per-device#


safewalk-get-authentication-rate-per-device

Base Command#

safewalk-get-authentication-rate-per-device

Input#

Argument NameDescriptionRequired

Context Output#

PathTypeDescription
Safewalk.reports.device_auth_rate.data.idStringdevice_auth_rate.data.id
Safewalk.reports.device_auth_rate.data.labelStringdevice_auth_rate.data.label
Safewalk.reports.device_auth_rate.data.typeStringdevice_auth_rate.data.type
Safewalk.reports.device_auth_rate.dataNumberdevice_auth_rate.data

Human Readable Output#

safewalk-get-least-active-users#


safewalk-get-least-active-users

Base Command#

safewalk-get-least-active-users

Input#

Argument NameDescriptionRequired
sincedatesincedate.Optional
userinformationuserinformation.Optional

Context Output#

PathTypeDescription
Safewalk.reports.inactive_users.data.idStringinactive_users.data.id
Safewalk.reports.inactive_users.data.labelStringinactive_users.data.label

Human Readable Output#

safewalk-get-licenses-inventory#


safewalk-get-licenses-inventory

Base Command#

safewalk-get-licenses-inventory

Input#

Argument NameDescriptionRequired

Context Output#

PathTypeDescription
Safewalk.reports.licensesinventory.totalNumberlicenses inventory total
Safewalk.reports.licensesinventory.data.idStringicenses inventory data id
Safewalk.reports.licensesinventory.data.labelStringlicenses inventory data label
Safewalk.reports.licensesinventory.data.typeStringlicenses inventory data type
Safewalk.reports.licensesinventory.dataNumberlicenses inventory data

Human Readable Output#

safewalk-get-licenses-usage#


safewalk-get-licenses-usage

Base Command#

safewalk-get-licenses-usage

Input#

Argument NameDescriptionRequired
begindatebegindate.Optional
enddateenddate.Optional

Context Output#

PathTypeDescription
Safewalk.reports.licensesusage.totalNumberlicenses usage total
Safewalk.reports.licensesusage.data.idStringlicenses usage data id
Safewalk.reports.licensesusage.data.labelStringlicenses usage data label
Safewalk.reports.licensesusage.data.typeStringlicenses usage data type
Safewalk.reports.licensesusage.dataNumberlicenses usage data

Human Readable Output#

safewalk-get-most-active-users#


safewalk-get-most-active-users

Base Command#

safewalk-get-most-active-users

Input#

Argument NameDescriptionRequired
daysdays.Optional
limitlimit.Optional
userinformationuserinformation.Optional

Context Output#

PathTypeDescription
Safewalk.reports.mostactiveusers.data.idStringmostactiveusers.data.id
Safewalk.reports.mostactiveusers.data.labelStringmostactiveusers.data.label
Safewalk.reports.mostactiveusers.data.typeStringmostactiveusers.data.type
Safewalk.reports.mostactiveusers.dataStringmostactiveusers.data

Human Readable Output#

safewalk-get-physical-tokens-inventory#


safewalk-get-physical-tokens-inventory

Base Command#

safewalk-get-physical-tokens-inventory

Input#

Argument NameDescriptionRequired

Context Output#

PathTypeDescription
Safewalk.reports.physicaltokeninventory.totalNumberphysicaltokeninventory.total
Safewalk.reports.physicaltokeninventory.data.idStringphysicaltokeninventory.data.id
Safewalk.reports.physicaltokeninventory.data.labelStringphysicaltokeninventory.data.label
Safewalk.reports.physicaltokeninventory.data.typeStringphysicaltokeninventory.data.type
Safewalk.reports.physicaltokeninventory.dataNumberphysicaltokeninventory.data

Human Readable Output#

safewalk-get-registered-devices-distribution#


safewalk-get-registered-devices-distribution

Base Command#

safewalk-get-registered-devices-distribution

Input#

Argument NameDescriptionRequired

Context Output#

PathTypeDescription
Safewalk.reports.registereddevices.totalNumberregistereddevices.total
Safewalk.reports.registereddevices.data.idStringregistereddevices.data.id
Safewalk.reports.registereddevices.data.labelStringregistereddevices.data.label
Safewalk.reports.registereddevices.data.typeStringregistereddevices.data.type
Safewalk.reports.registereddevices.dataNumberregistereddevices.data

Human Readable Output#

safewalk-get-registration#


safewalk-get-registration

Base Command#

safewalk-get-registration

Input#

Argument NameDescriptionRequired
begindatebegindate.Optional
enddateenddate.Optional
userinformationuserinformation.Optional

Context Output#

PathTypeDescription
Safewalk.reports.registration.totalNumberregistration.total
Safewalk.reports.registration.data.idStringregistration.data.id
Safewalk.reports.registration.data.labelStringregistration.data.label
Safewalk.reports.registration.data.typeStringregistration.data.type

Human Readable Output#

safewalk-get-users-associations-indicators#


safewalk-get-users-associations-indicators

Base Command#

safewalk-get-users-associations-indicators

Input#

Argument NameDescriptionRequired

Context Output#

PathTypeDescription
Safewalk.reports.usersassociations.totalNumberusersassociations.total
Safewalk.reports.usersassociations.data.idStringusersassociations.data.id
Safewalk.reports.usersassociations.data.labelStringusersassociations.data.label
Safewalk.reports.usersassociations.data.typeStringusersassociations.data.type
Safewalk.reports.usersassociations.dataNumberusersassociations.data

Human Readable Output#