1.0.1 • Published 6 years ago

secdo-js v1.0.1

Weekly downloads
4
License
ISC
Repository
github
Last release
6 years ago

secdo-js

secdo-js is a Simple Secdo (Now Palo Alto) client which gives you the ability to perform various actions like getting Agent status,adding IOC's and isolating hosts.

About

  • Created By Tom Goldberg

Supported functionalities:

secdo-js is currently supporting the following actions:

MethodDescriptionInputSuccessful Output
getAgents()Retrieves list of all the agents in the system-Json formatted list of agents
isAgentInstalledOnHost({host})gets and IP / Hostname and checks weather this host has a secdo agent installedIP / Hostnametrue / false
getAgentState(<Hostname/IP/Agent ID>)Gets an host / IP / agent ID and retrieves the agent state. Throws exception Secdo can not find this agentIP / Hostname / Agent IDstatus of this agent
isolateHost({Hostname})Gets an Hostname and isolates it . Throws an exception if the agent is not alive.Hostname'Success'
loadIOC({ioc})Gets an IOC object and loads it to the system. Throws exception in a case when there is a duplicate or some invalid parametersIOC object (see Examples.js for more detailed example)'Success'
resetBlackListState()Resets the black list state-'Success

How To

  1. cd in to your project folder and npm install this reposotory 
npm install --save secdo-js
  1. require the Secdo class. If you are going to use the IOC functionalities , you can use the IOC var (which acts like an enum and provides the available params for the load IOC method) from the examples.js file to avoid mistakes.
var Secdo=require('Secdo')

3.Set the connection

var secdoClient = new Secdo({
    serverName: 'secdo.local',
    apiKey: 'asd23SA3FFDds',
    company: 'localCorp'
})

4.Use the module. For complete and detailed set of examples , see the examples.js file.

secdoClient.getAgents()
.then((agentList)=> {
    console.dir(agentList)
})
.catch((ex)=>{
    console.log(ex)
})

secdoClient.isAgentInstalledOnHost('5.4.5.6')
.then((result)=> {
    console.log('Is agent installed on this host: ' + result)
})
.catch((ex)=>{
    console.log(ex)
})

var newIOC = {
    company: "secdo",
    severity: IOC.severity.medium,
    ioc_data: "TestIOC\n  127.0.0.1",
    source: "Secdo-js  client",
    operations: [IOC.operations.iceBlock,IOC.operations.case],
    artifacts_type: IOC.artifactTypes.mixed,
    comment: "This is my comment"
}

secdoClient.loadIOC(newIOC) // Adds a new IOC to the system
.then((result)=>
{console.log(result)
})
.catch((ex)=>{
    console.error(ex)
})
secdopaloaltopaloaltoincidentresponsesecdo-jsnode-secdo
dotenvrequest
@infinitebrahmanuniverse/nolb-sec@everything-registry/sub-chunk-2725
1.0.1

6 years ago

1.0.0

6 years ago