Firescope SDDM sender
Description
Incidents
The firescope sender collects single messages or messages in bulk from 1Gateway and sends them to Firescope. The single messages will be a single insert of an incident while the messages sent in bulk will replace all existing incidents from Firescope.
CIs
The Firescope sender sends Configuration Items (CI's) from 1Gateway into Firescope SDDM. The messages get mapped to a format that the Firescope CMDB plugin can process and converted to a JSON string that is sent to Firescope through the Ivanti REST API.
CI's are also retrieved from Firescope SDDM to create a replica collection. Pre-configured rules are used to match existing CI's in the Firescope replica to CI's in other systems. If a match is found, it is recorded in 1Gateway and updated in Firescope SDDM. If its not, a new CI is created.
Prerequisites
Incidents
There are no prerequisites.
CIs
- MongoDB installed and configured in 1Gateway
Installation
Make sure you have the Plugin zip file that has been provided to you with the installation files.
1 - Login
Login to 1gateway, and make sure you are in "Advanced mode". If this is the first time you log in, the default user and password are both 'admin' (without the quotes).
2 - System Maintenance
Click on the menu icon and choose the option "System maintenance"
3 - Upload file
In the System maintenance view you can either drag and drop the downloaded zip file or select it by clicking the "choose file" button.
Configuration
Open the main menu and click on "New plugin"
Select the plugin you want to configure. Use the Filter field if needed.
Incidents
Field name | Supported values | Description |
|---|---|---|
Firescope server | Any string | Firescope server or IP |
Firescope port number | Any integer | Firescope port number |
| Username | Any string | Username to authenticate with |
| Password | Any string | Usernames password |
CIs
Main configuration
Field name | Supported values | Description |
|---|---|---|
Firescope server | Any string | Firescope server (IP address or Domain name). |
Firescope port number | Any integer | Firescope port number |
| Username | Any string | Username to authenticate with |
| Password | Any string | Usernames password |
Max queue size | Any integer | Size of the queue of incoming messages. |
| Discard | Tickbox | Discard messages when queue is full. |
| Filter expression | Valid expression | Future use |
| Endpoint name | Any string | Name of the Firescope system (plugin identifier). |
CMDB configuration
Field name | Supported values | Description |
|---|---|---|
Simulation mode | Tickbox | If in simulation mode, CIs are saved in a simulation collection and are not sent to the CMDB. |
CMDB replica collection | Any string | Name of the CMDB replica collection where CIs from the CMDB are stored. Used by matching rules to decide if there is a match between the CMDB CIs and other systems CIs. |
Outbound message processing | Tickbox | Future use |
Outbound message types | Any string | Future use |
CMDB configuration profiles
Poller profiles
Field name | Supported values | Description |
|---|---|---|
CI message type | Any string | Message type of the asset polled for. These CIs are inserted in the replica collection and used for matching. |
Account | Any string | Firescope SDDM acount to poll for |
Run interval in seconds | Any integer | Interval between two poll cycles. |
Rule profiles
Field name | Supported values | Description |
|---|---|---|
Message type | Any string | Message type in the replica collection to evaluate |
Rule type* | Any string | Future use |
Comma-separated list of fields | Any string | List of fields to match on. If the incoming asset has the same field value as the CI in the CMDB, it is considered the same CI. |
Priority | Any integer |