2020-12-02 02:24:25 -08:00
|
|
|
import {
|
|
|
|
INodeProperties,
|
|
|
|
} from 'n8n-workflow';
|
|
|
|
|
|
|
|
import {
|
|
|
|
TLP,
|
|
|
|
} from '../interfaces/AlertInterface';
|
|
|
|
|
2021-12-03 00:44:16 -08:00
|
|
|
export const alertOperations: INodeProperties[] = [
|
2020-12-02 02:24:25 -08:00
|
|
|
{
|
|
|
|
displayName: 'Operation',
|
|
|
|
name: 'operation',
|
|
|
|
type: 'options',
|
|
|
|
required: true,
|
|
|
|
typeOptions: {
|
|
|
|
loadOptionsMethod: 'loadAlertOptions',
|
|
|
|
},
|
|
|
|
displayOptions: {
|
|
|
|
show: {
|
|
|
|
resource: [
|
|
|
|
'alert',
|
|
|
|
],
|
|
|
|
},
|
|
|
|
},
|
|
|
|
default: 'create',
|
|
|
|
},
|
2021-12-03 00:44:16 -08:00
|
|
|
];
|
2020-12-02 02:24:25 -08:00
|
|
|
|
2021-12-03 00:44:16 -08:00
|
|
|
export const alertFields: INodeProperties[] = [
|
2020-12-02 02:24:25 -08:00
|
|
|
{
|
|
|
|
displayName: 'Return All',
|
|
|
|
name: 'returnAll',
|
|
|
|
type: 'boolean',
|
|
|
|
displayOptions: {
|
|
|
|
show: {
|
|
|
|
operation: [
|
|
|
|
'getAll',
|
|
|
|
],
|
|
|
|
resource: [
|
|
|
|
'alert',
|
|
|
|
],
|
|
|
|
},
|
|
|
|
},
|
|
|
|
default: false,
|
|
|
|
description: 'If all results should be returned or only up to a given limit.',
|
|
|
|
},
|
|
|
|
{
|
|
|
|
displayName: 'Limit',
|
|
|
|
name: 'limit',
|
|
|
|
type: 'number',
|
|
|
|
displayOptions: {
|
|
|
|
show: {
|
|
|
|
operation: [
|
|
|
|
'getAll',
|
|
|
|
],
|
|
|
|
resource: [
|
|
|
|
'alert',
|
|
|
|
],
|
|
|
|
returnAll: [
|
|
|
|
false,
|
|
|
|
],
|
|
|
|
},
|
|
|
|
},
|
|
|
|
typeOptions: {
|
|
|
|
minValue: 1,
|
|
|
|
maxValue: 500,
|
|
|
|
},
|
|
|
|
default: 100,
|
|
|
|
description: 'How many results to return.',
|
|
|
|
},
|
|
|
|
// required attributs
|
|
|
|
{
|
|
|
|
displayName: 'Alert ID',
|
|
|
|
name: 'id',
|
|
|
|
type: 'string',
|
|
|
|
required: true,
|
|
|
|
default: '',
|
|
|
|
displayOptions: {
|
|
|
|
show: {
|
|
|
|
resource: [
|
2020-12-02 02:54:10 -08:00
|
|
|
'alert',
|
2020-12-02 02:24:25 -08:00
|
|
|
],
|
|
|
|
operation: [
|
|
|
|
'promote',
|
2021-03-18 05:06:51 -07:00
|
|
|
'markAsRead',
|
|
|
|
'markAsUnread',
|
2020-12-02 02:24:25 -08:00
|
|
|
'merge',
|
|
|
|
'update',
|
|
|
|
'executeResponder',
|
|
|
|
'get',
|
|
|
|
],
|
|
|
|
},
|
|
|
|
},
|
2020-12-02 02:54:10 -08:00
|
|
|
description: 'Title of the alert',
|
2020-12-02 02:24:25 -08:00
|
|
|
},
|
|
|
|
{
|
|
|
|
displayName: 'Case ID',
|
|
|
|
name: 'caseId',
|
|
|
|
type: 'string',
|
|
|
|
required: true,
|
|
|
|
default: '',
|
|
|
|
displayOptions: {
|
|
|
|
show: {
|
|
|
|
resource: [
|
|
|
|
'alert',
|
|
|
|
],
|
|
|
|
operation: [
|
|
|
|
'merge',
|
|
|
|
],
|
|
|
|
},
|
|
|
|
},
|
|
|
|
},
|
|
|
|
{
|
|
|
|
displayName: 'Title',
|
|
|
|
name: 'title',
|
|
|
|
type: 'string',
|
|
|
|
required: true,
|
|
|
|
default: '',
|
|
|
|
displayOptions: {
|
|
|
|
show: {
|
|
|
|
resource: [
|
|
|
|
'alert',
|
|
|
|
],
|
|
|
|
operation: [
|
|
|
|
'create',
|
|
|
|
],
|
|
|
|
},
|
|
|
|
},
|
|
|
|
description: 'Title of the alert',
|
|
|
|
},
|
|
|
|
{
|
|
|
|
displayName: 'Description',
|
|
|
|
name: 'description',
|
|
|
|
type: 'string',
|
|
|
|
required: true,
|
|
|
|
default: '',
|
|
|
|
displayOptions: {
|
|
|
|
show: {
|
|
|
|
resource: [
|
|
|
|
'alert',
|
|
|
|
],
|
|
|
|
operation: [
|
|
|
|
'create',
|
|
|
|
],
|
|
|
|
},
|
|
|
|
},
|
|
|
|
description: 'Description of the alert',
|
|
|
|
},
|
|
|
|
{
|
|
|
|
displayName: 'Severity',
|
|
|
|
name: 'severity',
|
|
|
|
type: 'options',
|
2020-12-02 02:54:10 -08:00
|
|
|
options: [
|
2020-12-02 02:24:25 -08:00
|
|
|
{
|
|
|
|
name: 'Low',
|
2020-12-02 02:54:10 -08:00
|
|
|
value: 1,
|
2020-12-02 02:24:25 -08:00
|
|
|
},
|
|
|
|
{
|
|
|
|
name: 'Medium',
|
2020-12-02 02:54:10 -08:00
|
|
|
value: 2,
|
2020-12-02 02:24:25 -08:00
|
|
|
},
|
|
|
|
{
|
|
|
|
name: 'High',
|
|
|
|
value: 3,
|
|
|
|
},
|
|
|
|
],
|
|
|
|
required: true,
|
|
|
|
default: 2,
|
|
|
|
displayOptions: {
|
|
|
|
show: {
|
|
|
|
resource: [
|
|
|
|
'alert',
|
|
|
|
],
|
|
|
|
operation: [
|
|
|
|
'create',
|
|
|
|
],
|
|
|
|
},
|
|
|
|
},
|
|
|
|
description: 'Severity of the alert. Default=Medium',
|
|
|
|
},
|
|
|
|
{
|
|
|
|
displayName: 'Date',
|
|
|
|
name: 'date',
|
|
|
|
type: 'dateTime',
|
|
|
|
required: true,
|
|
|
|
default: '',
|
|
|
|
displayOptions: {
|
|
|
|
show: {
|
|
|
|
resource: [
|
|
|
|
'alert',
|
|
|
|
],
|
|
|
|
operation: [
|
|
|
|
'create',
|
|
|
|
],
|
|
|
|
},
|
|
|
|
},
|
2020-12-02 02:54:10 -08:00
|
|
|
description: 'Date and time when the alert was raised default=now',
|
2020-12-02 02:24:25 -08:00
|
|
|
},
|
|
|
|
{
|
|
|
|
displayName: 'Tags',
|
|
|
|
name: 'tags',
|
|
|
|
type: 'string',
|
|
|
|
required: true,
|
|
|
|
default: '',
|
2020-12-02 02:54:10 -08:00
|
|
|
placeholder: 'tag,tag2,tag3...',
|
2020-12-02 02:24:25 -08:00
|
|
|
displayOptions: {
|
|
|
|
show: {
|
|
|
|
resource: [
|
|
|
|
'alert',
|
|
|
|
],
|
|
|
|
operation: [
|
|
|
|
'create',
|
|
|
|
],
|
|
|
|
},
|
|
|
|
},
|
2020-12-02 02:54:10 -08:00
|
|
|
description: 'Case Tags',
|
2020-12-02 02:24:25 -08:00
|
|
|
},
|
|
|
|
{
|
|
|
|
displayName: 'TLP',
|
|
|
|
name: 'tlp',
|
|
|
|
type: 'options',
|
|
|
|
required: true,
|
|
|
|
default: 2,
|
|
|
|
options: [
|
|
|
|
{
|
2020-12-02 02:54:10 -08:00
|
|
|
name: 'White',
|
|
|
|
value: TLP.white,
|
2020-12-02 02:24:25 -08:00
|
|
|
},
|
|
|
|
{
|
2020-12-02 02:54:10 -08:00
|
|
|
name: 'Green',
|
|
|
|
value: TLP.green,
|
2020-12-02 02:24:25 -08:00
|
|
|
},
|
|
|
|
{
|
2020-12-02 02:54:10 -08:00
|
|
|
name: 'Amber',
|
|
|
|
value: TLP.amber,
|
|
|
|
}, {
|
|
|
|
name: 'Red',
|
|
|
|
value: TLP.red,
|
|
|
|
},
|
2020-12-02 02:24:25 -08:00
|
|
|
],
|
|
|
|
displayOptions: {
|
|
|
|
show: {
|
|
|
|
resource: [
|
|
|
|
'alert',
|
|
|
|
],
|
|
|
|
operation: [
|
|
|
|
'create',
|
|
|
|
],
|
|
|
|
},
|
|
|
|
},
|
2020-12-02 02:54:10 -08:00
|
|
|
description: 'Traffict Light Protocol (TLP). Default=Amber',
|
2020-12-02 02:24:25 -08:00
|
|
|
},
|
|
|
|
{
|
|
|
|
displayName: 'Status',
|
|
|
|
name: 'status',
|
|
|
|
type: 'options',
|
|
|
|
required: true,
|
2020-12-02 02:54:10 -08:00
|
|
|
options: [
|
2020-12-02 02:24:25 -08:00
|
|
|
{
|
|
|
|
name: 'New',
|
|
|
|
value: 'New',
|
|
|
|
},
|
|
|
|
{
|
|
|
|
name: 'Updated',
|
|
|
|
value: 'Updated',
|
|
|
|
},
|
|
|
|
{
|
|
|
|
name: 'Ignored',
|
2020-12-02 02:54:10 -08:00
|
|
|
value: 'Ignored',
|
2020-12-02 02:24:25 -08:00
|
|
|
},
|
|
|
|
{
|
|
|
|
name: 'Imported',
|
|
|
|
value: 'Imported',
|
|
|
|
},
|
|
|
|
],
|
|
|
|
default: 'New',
|
|
|
|
displayOptions: {
|
|
|
|
show: {
|
|
|
|
resource: [
|
|
|
|
'alert',
|
|
|
|
],
|
|
|
|
operation: [
|
|
|
|
'create',
|
|
|
|
],
|
|
|
|
},
|
|
|
|
},
|
|
|
|
description: 'Status of the alert',
|
|
|
|
},
|
|
|
|
{
|
|
|
|
displayName: 'Type',
|
|
|
|
name: 'type',
|
|
|
|
type: 'string',
|
|
|
|
required: true,
|
|
|
|
default: '',
|
|
|
|
displayOptions: {
|
|
|
|
show: {
|
|
|
|
resource: [
|
|
|
|
'alert',
|
|
|
|
],
|
|
|
|
operation: [
|
|
|
|
'create',
|
|
|
|
],
|
|
|
|
},
|
|
|
|
},
|
2020-12-02 02:54:10 -08:00
|
|
|
description: 'Type of the alert',
|
2020-12-02 02:24:25 -08:00
|
|
|
},
|
|
|
|
{
|
|
|
|
displayName: 'Source',
|
|
|
|
name: 'source',
|
|
|
|
type: 'string',
|
|
|
|
required: true,
|
|
|
|
default: '',
|
|
|
|
displayOptions: {
|
|
|
|
show: {
|
|
|
|
resource: [
|
|
|
|
'alert',
|
|
|
|
],
|
|
|
|
operation: [
|
|
|
|
'create',
|
|
|
|
],
|
|
|
|
},
|
|
|
|
},
|
2020-12-02 02:54:10 -08:00
|
|
|
description: 'Source of the alert',
|
2020-12-02 02:24:25 -08:00
|
|
|
},
|
|
|
|
{
|
|
|
|
displayName: 'SourceRef',
|
|
|
|
name: 'sourceRef',
|
|
|
|
type: 'string',
|
|
|
|
required: true,
|
|
|
|
default: '',
|
|
|
|
displayOptions: {
|
|
|
|
show: {
|
|
|
|
resource: [
|
|
|
|
'alert',
|
|
|
|
],
|
|
|
|
operation: [
|
|
|
|
'create',
|
|
|
|
],
|
|
|
|
},
|
|
|
|
},
|
2020-12-02 02:54:10 -08:00
|
|
|
description: 'Source reference of the alert',
|
2020-12-02 02:24:25 -08:00
|
|
|
},
|
|
|
|
{
|
|
|
|
displayName: 'Follow',
|
|
|
|
name: 'follow',
|
|
|
|
type: 'boolean',
|
|
|
|
required: true,
|
|
|
|
default: true,
|
|
|
|
displayOptions: {
|
|
|
|
show: {
|
|
|
|
resource: [
|
|
|
|
'alert',
|
|
|
|
],
|
|
|
|
operation: [
|
|
|
|
'create',
|
|
|
|
],
|
|
|
|
},
|
|
|
|
},
|
|
|
|
description: 'if true, the alert becomes active when updated default=true',
|
|
|
|
},
|
|
|
|
{
|
|
|
|
displayName: 'Artifacts',
|
|
|
|
name: 'artifactUi',
|
|
|
|
type: 'fixedCollection',
|
|
|
|
placeholder: 'Add Artifact',
|
|
|
|
default: '',
|
|
|
|
displayOptions: {
|
|
|
|
show: {
|
|
|
|
resource: [
|
|
|
|
'alert',
|
|
|
|
],
|
|
|
|
operation: [
|
|
|
|
'create',
|
|
|
|
],
|
|
|
|
},
|
|
|
|
},
|
|
|
|
typeOptions: {
|
|
|
|
multipleValues: true,
|
|
|
|
},
|
|
|
|
options: [
|
|
|
|
{
|
|
|
|
displayName: 'Artifact',
|
|
|
|
name: 'artifactValues',
|
|
|
|
values: [
|
|
|
|
{
|
|
|
|
displayName: 'Data Type',
|
|
|
|
name: 'dataType',
|
|
|
|
type: 'options',
|
|
|
|
default: '',
|
2021-04-05 01:52:56 -07:00
|
|
|
typeOptions: {
|
|
|
|
loadOptionsMethod: 'loadObservableTypes',
|
|
|
|
},
|
|
|
|
description: 'Type of the observable',
|
2020-12-02 02:24:25 -08:00
|
|
|
},
|
|
|
|
{
|
|
|
|
displayName: 'Data',
|
|
|
|
name: 'data',
|
|
|
|
type: 'string',
|
|
|
|
displayOptions: {
|
|
|
|
hide: {
|
|
|
|
dataType: [
|
|
|
|
'file',
|
|
|
|
],
|
|
|
|
},
|
|
|
|
},
|
|
|
|
default: '',
|
|
|
|
description: '',
|
|
|
|
},
|
|
|
|
{
|
|
|
|
displayName: 'Binary Property',
|
|
|
|
name: 'binaryProperty',
|
|
|
|
type: 'string',
|
|
|
|
displayOptions: {
|
|
|
|
show: {
|
|
|
|
dataType: [
|
|
|
|
'file',
|
|
|
|
],
|
|
|
|
},
|
|
|
|
},
|
|
|
|
default: 'data',
|
|
|
|
description: '',
|
|
|
|
},
|
|
|
|
{
|
|
|
|
displayName: 'Message',
|
|
|
|
name: 'message',
|
|
|
|
type: 'string',
|
|
|
|
default: '',
|
|
|
|
description: '',
|
|
|
|
},
|
|
|
|
{
|
|
|
|
displayName: 'Case Tags',
|
|
|
|
name: 'tags',
|
|
|
|
type: 'string',
|
|
|
|
default: '',
|
|
|
|
description: '',
|
|
|
|
},
|
|
|
|
],
|
|
|
|
},
|
|
|
|
],
|
2020-12-02 02:54:10 -08:00
|
|
|
description: 'Artifact attributes',
|
2020-12-02 02:24:25 -08:00
|
|
|
},
|
|
|
|
// required for responder execution
|
|
|
|
{
|
|
|
|
displayName: 'Responder ID',
|
|
|
|
name: 'responder',
|
|
|
|
type: 'options',
|
|
|
|
required: true,
|
|
|
|
default: '',
|
|
|
|
typeOptions: {
|
|
|
|
loadOptionsDependsOn: [
|
|
|
|
'id',
|
|
|
|
],
|
|
|
|
loadOptionsMethod: 'loadResponders',
|
|
|
|
},
|
2020-12-02 02:54:10 -08:00
|
|
|
displayOptions: {
|
2020-12-02 02:24:25 -08:00
|
|
|
show: {
|
|
|
|
resource: [
|
|
|
|
'alert',
|
|
|
|
],
|
|
|
|
operation: [
|
|
|
|
'executeResponder',
|
|
|
|
],
|
|
|
|
},
|
|
|
|
hide: {
|
|
|
|
id: [
|
|
|
|
'',
|
|
|
|
],
|
|
|
|
},
|
|
|
|
},
|
|
|
|
},
|
2021-07-14 10:18:46 -07:00
|
|
|
{
|
|
|
|
displayName: 'JSON Parameters',
|
|
|
|
name: 'jsonParameters',
|
|
|
|
type: 'boolean',
|
|
|
|
default: true,
|
|
|
|
displayOptions: {
|
|
|
|
show: {
|
|
|
|
resource: [
|
|
|
|
'alert',
|
|
|
|
],
|
|
|
|
operation: [
|
|
|
|
'create',
|
|
|
|
'update',
|
|
|
|
],
|
|
|
|
},
|
|
|
|
},
|
|
|
|
},
|
|
|
|
|
2020-12-02 02:24:25 -08:00
|
|
|
// optional attributs (Create, Promote operations)
|
|
|
|
{
|
|
|
|
displayName: 'Additional Fields',
|
|
|
|
name: 'additionalFields',
|
|
|
|
placeholder: 'Add Field',
|
|
|
|
type: 'collection',
|
|
|
|
required: false,
|
2022-04-22 03:13:35 -07:00
|
|
|
default: {},
|
2020-12-02 02:24:25 -08:00
|
|
|
displayOptions: {
|
|
|
|
show: {
|
|
|
|
resource: [
|
|
|
|
'alert',
|
|
|
|
],
|
|
|
|
operation: [
|
|
|
|
'create',
|
2021-07-14 10:18:46 -07:00
|
|
|
],
|
|
|
|
},
|
|
|
|
},
|
|
|
|
options: [
|
|
|
|
{
|
|
|
|
displayName: 'Case Template',
|
|
|
|
name: 'caseTemplate',
|
|
|
|
type: 'string',
|
|
|
|
default: '',
|
|
|
|
description: `Case template to use when a case is created from this alert.`,
|
|
|
|
},
|
|
|
|
{
|
|
|
|
displayName: 'Custom Fields',
|
|
|
|
name: 'customFieldsUi',
|
|
|
|
type: 'fixedCollection',
|
|
|
|
default: {},
|
|
|
|
displayOptions: {
|
|
|
|
show: {
|
|
|
|
'/jsonParameters': [
|
|
|
|
false,
|
|
|
|
],
|
|
|
|
},
|
|
|
|
},
|
|
|
|
typeOptions: {
|
|
|
|
multipleValues: true,
|
|
|
|
},
|
|
|
|
placeholder: 'Add Custom Field',
|
|
|
|
options: [
|
|
|
|
{
|
|
|
|
name: 'customFields',
|
|
|
|
displayName: 'Custom Field',
|
|
|
|
values: [
|
|
|
|
{
|
|
|
|
displayName: 'Field',
|
|
|
|
name: 'field',
|
|
|
|
type: 'options',
|
|
|
|
typeOptions: {
|
|
|
|
loadOptionsMethod: 'loadCustomFields',
|
|
|
|
},
|
|
|
|
default: 'Custom Field',
|
|
|
|
},
|
|
|
|
{
|
|
|
|
displayName: 'Value',
|
|
|
|
name: 'value',
|
|
|
|
type: 'string',
|
|
|
|
default: '',
|
|
|
|
description: 'Custom Field value. Use an expression if the type is not a string.',
|
|
|
|
},
|
|
|
|
],
|
|
|
|
},
|
|
|
|
],
|
|
|
|
},
|
|
|
|
{
|
|
|
|
displayName: 'Custom Fields (JSON)',
|
|
|
|
name: 'customFieldsJson',
|
|
|
|
type: 'string',
|
|
|
|
default: '',
|
|
|
|
displayOptions: {
|
|
|
|
show: {
|
|
|
|
'/jsonParameters': [
|
|
|
|
true,
|
|
|
|
],
|
|
|
|
},
|
|
|
|
},
|
|
|
|
description: 'Custom fields in JSON format. Overrides Custom Fields UI if set.',
|
|
|
|
},
|
|
|
|
],
|
|
|
|
},
|
|
|
|
// optional attributs (Promote operation)
|
|
|
|
|
|
|
|
{
|
|
|
|
displayName: 'Additional Fields',
|
|
|
|
name: 'additionalFields',
|
|
|
|
placeholder: 'Add Field',
|
|
|
|
type: 'collection',
|
|
|
|
required: false,
|
2022-04-22 03:13:35 -07:00
|
|
|
default: {},
|
2021-07-14 10:18:46 -07:00
|
|
|
displayOptions: {
|
|
|
|
show: {
|
|
|
|
resource: [
|
|
|
|
'alert',
|
|
|
|
],
|
|
|
|
operation: [
|
2020-12-02 02:24:25 -08:00
|
|
|
'promote',
|
|
|
|
],
|
|
|
|
},
|
|
|
|
},
|
2020-12-02 02:54:10 -08:00
|
|
|
options: [
|
2020-12-02 02:24:25 -08:00
|
|
|
{
|
|
|
|
displayName: 'Case Template',
|
|
|
|
name: 'caseTemplate',
|
2020-12-02 02:54:10 -08:00
|
|
|
type: 'string',
|
2020-12-02 02:24:25 -08:00
|
|
|
default: '',
|
2020-12-02 02:54:10 -08:00
|
|
|
description: `Case template to use when a case is created from this alert.`,
|
2020-12-02 02:24:25 -08:00
|
|
|
},
|
|
|
|
],
|
|
|
|
},
|
|
|
|
// optional attributs (Update operation)
|
|
|
|
{
|
|
|
|
displayName: 'Update Fields',
|
|
|
|
name: 'updateFields',
|
|
|
|
type: 'collection',
|
|
|
|
placeholder: 'Add Field',
|
2022-04-22 03:13:35 -07:00
|
|
|
default: {},
|
2020-12-02 02:24:25 -08:00
|
|
|
displayOptions: {
|
|
|
|
show: {
|
|
|
|
resource: [
|
|
|
|
'alert',
|
|
|
|
],
|
|
|
|
operation: [
|
|
|
|
'update',
|
|
|
|
],
|
|
|
|
},
|
|
|
|
},
|
|
|
|
options: [
|
|
|
|
{
|
|
|
|
displayName: 'Artifacts',
|
|
|
|
name: 'artifactUi',
|
|
|
|
type: 'fixedCollection',
|
|
|
|
placeholder: 'Add Artifact',
|
|
|
|
default: '',
|
|
|
|
typeOptions: {
|
|
|
|
multipleValues: true,
|
|
|
|
},
|
|
|
|
options: [
|
|
|
|
{
|
|
|
|
displayName: 'Artifact',
|
|
|
|
name: 'artifactValues',
|
|
|
|
values: [
|
|
|
|
{
|
|
|
|
displayName: 'Data Type',
|
|
|
|
name: 'dataType',
|
|
|
|
type: 'options',
|
|
|
|
default: '',
|
2021-04-05 01:52:56 -07:00
|
|
|
typeOptions: {
|
|
|
|
loadOptionsMethod: 'loadObservableTypes',
|
|
|
|
},
|
|
|
|
description: 'Type of the observable',
|
2020-12-02 02:24:25 -08:00
|
|
|
},
|
|
|
|
{
|
|
|
|
displayName: 'Data',
|
|
|
|
name: 'data',
|
|
|
|
type: 'string',
|
|
|
|
displayOptions: {
|
|
|
|
hide: {
|
|
|
|
dataType: [
|
|
|
|
'file',
|
|
|
|
],
|
|
|
|
},
|
|
|
|
},
|
|
|
|
default: '',
|
|
|
|
},
|
|
|
|
{
|
|
|
|
displayName: 'Binary Property',
|
|
|
|
name: 'binaryProperty',
|
|
|
|
type: 'string',
|
|
|
|
displayOptions: {
|
|
|
|
show: {
|
|
|
|
dataType: [
|
|
|
|
'file',
|
|
|
|
],
|
|
|
|
},
|
|
|
|
},
|
|
|
|
default: 'data',
|
|
|
|
},
|
|
|
|
{
|
|
|
|
displayName: 'Message',
|
|
|
|
name: 'message',
|
|
|
|
type: 'string',
|
|
|
|
default: '',
|
|
|
|
},
|
|
|
|
{
|
|
|
|
displayName: 'Case Tags',
|
|
|
|
name: 'tags',
|
|
|
|
type: 'string',
|
|
|
|
default: '',
|
|
|
|
},
|
|
|
|
],
|
|
|
|
},
|
|
|
|
],
|
|
|
|
},
|
2021-07-14 10:18:46 -07:00
|
|
|
{
|
|
|
|
displayName: 'Custom Fields',
|
|
|
|
name: 'customFieldsUi',
|
|
|
|
type: 'fixedCollection',
|
|
|
|
default: {},
|
|
|
|
typeOptions: {
|
|
|
|
multipleValues: true,
|
|
|
|
},
|
|
|
|
displayOptions: {
|
|
|
|
show: {
|
|
|
|
'/jsonParameters': [
|
|
|
|
false,
|
|
|
|
],
|
|
|
|
},
|
|
|
|
},
|
|
|
|
placeholder: 'Add Custom Field',
|
|
|
|
options: [
|
|
|
|
{
|
|
|
|
name: 'customFields',
|
|
|
|
displayName: 'Custom Field',
|
|
|
|
values: [
|
|
|
|
{
|
|
|
|
displayName: 'Field',
|
|
|
|
name: 'field',
|
|
|
|
type: 'options',
|
|
|
|
typeOptions: {
|
|
|
|
loadOptionsMethod: 'loadCustomFields',
|
|
|
|
},
|
|
|
|
default: 'Custom Field',
|
|
|
|
},
|
|
|
|
{
|
|
|
|
displayName: 'Value',
|
|
|
|
name: 'value',
|
|
|
|
type: 'string',
|
|
|
|
default: '',
|
|
|
|
description: 'Custom Field value. Use an expression if the type is not a string.',
|
|
|
|
},
|
|
|
|
],
|
|
|
|
},
|
|
|
|
],
|
|
|
|
},
|
|
|
|
{
|
|
|
|
displayName: 'Custom Fields (JSON)',
|
|
|
|
name: 'customFieldsJson',
|
|
|
|
type: 'string',
|
|
|
|
displayOptions: {
|
|
|
|
show: {
|
|
|
|
'/jsonParameters': [
|
|
|
|
true,
|
|
|
|
],
|
|
|
|
},
|
|
|
|
},
|
|
|
|
default: '',
|
|
|
|
description: 'Custom fields in JSON format. Overrides Custom Fields UI if set.',
|
|
|
|
},
|
2020-12-02 02:24:25 -08:00
|
|
|
{
|
|
|
|
displayName: 'Case Template',
|
|
|
|
name: 'caseTemplate',
|
|
|
|
type: 'string',
|
|
|
|
required: false,
|
|
|
|
default: '',
|
2020-12-02 02:54:10 -08:00
|
|
|
description: `Case template to use when a case is created from this alert.`,
|
2020-12-02 02:24:25 -08:00
|
|
|
},
|
|
|
|
{
|
|
|
|
displayName: 'Description',
|
|
|
|
name: 'description',
|
|
|
|
type: 'string',
|
|
|
|
required: false,
|
|
|
|
default: '',
|
2020-12-02 02:54:10 -08:00
|
|
|
description: 'Description of the alert.',
|
2020-12-02 02:24:25 -08:00
|
|
|
},
|
|
|
|
{
|
|
|
|
displayName: 'Follow',
|
|
|
|
name: 'follow',
|
|
|
|
type: 'boolean',
|
|
|
|
default: true,
|
2020-12-02 02:54:10 -08:00
|
|
|
description: 'if true, the alert becomes active when updated default=true.',
|
2020-12-02 02:24:25 -08:00
|
|
|
},
|
|
|
|
{
|
|
|
|
displayName: 'Severity',
|
|
|
|
name: ' severity',
|
|
|
|
type: 'options',
|
2020-12-02 02:54:10 -08:00
|
|
|
options: [
|
2020-12-02 02:24:25 -08:00
|
|
|
{
|
|
|
|
name: 'Low',
|
|
|
|
value: 1,
|
|
|
|
},
|
|
|
|
{
|
|
|
|
name: 'Medium',
|
|
|
|
value: 2,
|
|
|
|
},
|
|
|
|
{
|
|
|
|
name: 'High',
|
|
|
|
value: 3,
|
|
|
|
},
|
|
|
|
],
|
|
|
|
default: 2,
|
|
|
|
description: 'Severity of the alert. Default=Medium',
|
|
|
|
},
|
|
|
|
{
|
|
|
|
displayName: 'Status',
|
|
|
|
name: 'status',
|
|
|
|
type: 'options',
|
2020-12-02 02:54:10 -08:00
|
|
|
options: [
|
2020-12-02 02:24:25 -08:00
|
|
|
{
|
|
|
|
name: 'New',
|
|
|
|
value: 'New',
|
|
|
|
},
|
|
|
|
{
|
2020-12-02 02:54:10 -08:00
|
|
|
name: 'Updated',
|
|
|
|
value: 'Updated',
|
2020-12-02 02:24:25 -08:00
|
|
|
},
|
|
|
|
{
|
|
|
|
name: 'Ignored',
|
2020-12-02 02:54:10 -08:00
|
|
|
value: 'Ignored',
|
2020-12-02 02:24:25 -08:00
|
|
|
},
|
|
|
|
{
|
2020-12-02 02:54:10 -08:00
|
|
|
name: 'Imported',
|
|
|
|
value: 'Imported',
|
2020-12-02 02:24:25 -08:00
|
|
|
},
|
|
|
|
],
|
|
|
|
default: 'New',
|
|
|
|
},
|
|
|
|
{
|
|
|
|
displayName: 'Case Tags',
|
|
|
|
name: 'tags',
|
|
|
|
type: 'string',
|
|
|
|
default: '',
|
2020-12-02 02:54:10 -08:00
|
|
|
placeholder: 'tag,tag2,tag3...',
|
2020-12-02 02:24:25 -08:00
|
|
|
},
|
|
|
|
{
|
|
|
|
displayName: 'Title',
|
|
|
|
name: 'title',
|
|
|
|
type: 'string',
|
|
|
|
required: false,
|
|
|
|
default: '',
|
2020-12-02 02:54:10 -08:00
|
|
|
description: 'Title of the alert.',
|
2020-12-02 02:24:25 -08:00
|
|
|
},
|
|
|
|
{
|
|
|
|
displayName: 'TLP',
|
|
|
|
name: 'tlp',
|
|
|
|
type: 'options',
|
|
|
|
required: false,
|
|
|
|
default: 2,
|
|
|
|
options: [
|
|
|
|
{
|
|
|
|
name: 'White',
|
|
|
|
value: TLP.white,
|
|
|
|
},
|
|
|
|
{
|
|
|
|
name: 'Green',
|
|
|
|
value: TLP.green,
|
|
|
|
},
|
|
|
|
{
|
|
|
|
name: 'Amber',
|
|
|
|
value: TLP.amber,
|
|
|
|
},
|
|
|
|
{
|
|
|
|
name: 'Red',
|
|
|
|
value: TLP.red,
|
|
|
|
},
|
|
|
|
],
|
2020-12-02 02:54:10 -08:00
|
|
|
description: 'Traffict Light Protocol (TLP). Default=Amber',
|
2020-12-02 02:24:25 -08:00
|
|
|
},
|
|
|
|
],
|
|
|
|
},
|
|
|
|
//Query attributs (Search operation)
|
|
|
|
{
|
|
|
|
displayName: 'Options',
|
|
|
|
name: 'options',
|
|
|
|
displayOptions: {
|
|
|
|
show: {
|
|
|
|
operation: [
|
|
|
|
'getAll',
|
|
|
|
],
|
|
|
|
resource: [
|
|
|
|
'alert',
|
|
|
|
],
|
|
|
|
},
|
|
|
|
},
|
|
|
|
type: 'collection',
|
|
|
|
placeholder: 'Add Option',
|
|
|
|
default: {},
|
|
|
|
options: [
|
|
|
|
{
|
|
|
|
displayName: 'Sort',
|
|
|
|
name: 'sort',
|
|
|
|
type: 'string',
|
|
|
|
placeholder: '±Attribut, exp +status',
|
|
|
|
default: '',
|
|
|
|
},
|
|
|
|
],
|
|
|
|
},
|
|
|
|
{
|
|
|
|
displayName: 'Filters',
|
|
|
|
name: 'filters',
|
|
|
|
placeholder: 'Add Filter',
|
|
|
|
default: {},
|
|
|
|
type: 'collection',
|
|
|
|
displayOptions: {
|
|
|
|
show: {
|
|
|
|
resource: [
|
2020-12-02 02:54:10 -08:00
|
|
|
'alert',
|
2020-12-02 02:24:25 -08:00
|
|
|
],
|
|
|
|
operation: [
|
|
|
|
'getAll',
|
|
|
|
'count',
|
|
|
|
],
|
|
|
|
},
|
|
|
|
},
|
2020-12-02 02:54:10 -08:00
|
|
|
options: [
|
2021-07-14 10:18:46 -07:00
|
|
|
{
|
|
|
|
displayName: 'Custom Fields',
|
|
|
|
name: 'customFieldsUi',
|
|
|
|
type: 'fixedCollection',
|
|
|
|
default: {},
|
|
|
|
typeOptions: {
|
|
|
|
multipleValues: true,
|
|
|
|
},
|
|
|
|
placeholder: 'Add Custom Field',
|
|
|
|
options: [
|
|
|
|
{
|
|
|
|
name: 'customFields',
|
|
|
|
displayName: 'Custom Field',
|
|
|
|
values: [
|
|
|
|
{
|
|
|
|
displayName: 'Field',
|
|
|
|
name: 'field',
|
|
|
|
type: 'options',
|
|
|
|
typeOptions: {
|
|
|
|
loadOptionsMethod: 'loadCustomFields',
|
|
|
|
},
|
|
|
|
default: 'Custom Field',
|
|
|
|
},
|
|
|
|
{
|
|
|
|
displayName: 'Value',
|
|
|
|
name: 'value',
|
|
|
|
type: 'string',
|
|
|
|
default: '',
|
|
|
|
description: 'Custom Field value. Use an expression if the type is not a string.',
|
|
|
|
},
|
|
|
|
],
|
|
|
|
},
|
|
|
|
],
|
|
|
|
},
|
2020-12-02 02:24:25 -08:00
|
|
|
{
|
|
|
|
displayName: 'Description',
|
|
|
|
name: 'description',
|
|
|
|
type: 'string',
|
|
|
|
default: '',
|
2020-12-02 02:54:10 -08:00
|
|
|
description: 'Description of the alert.',
|
2020-12-02 02:24:25 -08:00
|
|
|
},
|
|
|
|
{
|
|
|
|
displayName: 'Follow',
|
|
|
|
name: 'follow',
|
|
|
|
type: 'boolean',
|
|
|
|
default: false,
|
|
|
|
description: 'if true, the alert becomes active when updated default=true',
|
|
|
|
},
|
|
|
|
{
|
|
|
|
displayName: 'Severity',
|
|
|
|
name: 'severity',
|
|
|
|
type: 'options',
|
|
|
|
options: [
|
|
|
|
{
|
|
|
|
name: 'Low',
|
2020-12-02 02:54:10 -08:00
|
|
|
value: 1,
|
2020-12-02 02:24:25 -08:00
|
|
|
},
|
|
|
|
{
|
|
|
|
name: 'Medium',
|
2020-12-02 02:54:10 -08:00
|
|
|
value: 2,
|
2020-12-02 02:24:25 -08:00
|
|
|
},
|
|
|
|
{
|
|
|
|
name: 'High',
|
2020-12-02 02:54:10 -08:00
|
|
|
value: 3,
|
2020-12-02 02:24:25 -08:00
|
|
|
},
|
|
|
|
],
|
|
|
|
default: 2,
|
|
|
|
description: 'Severity of the alert. Default=Medium',
|
|
|
|
},
|
|
|
|
{
|
|
|
|
displayName: 'Tags',
|
|
|
|
name: 'tags',
|
|
|
|
type: 'string',
|
|
|
|
default: '',
|
|
|
|
placeholder: 'tag,tag2,tag3...',
|
|
|
|
},
|
|
|
|
{
|
|
|
|
displayName: 'Title',
|
|
|
|
name: 'title',
|
|
|
|
type: 'string',
|
|
|
|
default: '',
|
|
|
|
},
|
|
|
|
{
|
|
|
|
displayName: 'TLP',
|
|
|
|
name: 'tlp',
|
|
|
|
type: 'options',
|
|
|
|
default: 2,
|
|
|
|
options: [
|
|
|
|
{
|
2020-12-02 02:54:10 -08:00
|
|
|
name: 'White',
|
|
|
|
value: TLP.white,
|
2020-12-02 02:24:25 -08:00
|
|
|
},
|
|
|
|
{
|
2020-12-02 02:54:10 -08:00
|
|
|
name: 'Green',
|
|
|
|
value: TLP.green,
|
2020-12-02 02:24:25 -08:00
|
|
|
},
|
|
|
|
{
|
2020-12-02 02:54:10 -08:00
|
|
|
name: 'Amber',
|
|
|
|
value: TLP.amber,
|
2020-12-02 02:24:25 -08:00
|
|
|
},
|
|
|
|
{
|
2020-12-02 02:54:10 -08:00
|
|
|
name: 'Red',
|
|
|
|
value: TLP.red,
|
|
|
|
},
|
2020-12-02 02:24:25 -08:00
|
|
|
],
|
2020-12-02 02:54:10 -08:00
|
|
|
description: 'Traffict Light Protocol (TLP). Default=Amber',
|
2020-12-02 02:24:25 -08:00
|
|
|
},
|
|
|
|
],
|
2020-12-02 02:54:10 -08:00
|
|
|
},
|
2021-12-03 00:44:16 -08:00
|
|
|
];
|