Accenture MxDR

this connector integrates accenture mxdr with swimlane turbine prerequisites this connector can be authenticated in two ways using a base64 encoded pem key file converted from a pkcs12 file using base64 encoded pkcs12 key file and a password for the file, , generated by the mxdr portal capabilities this connector provides the following capabilities create ticket with attachments create ticket get incident categories get incident severities get recent alarm list get recent incident list incident add attachment list ticket categories list ticket statuses list ticket urgencies query incident query ticket update incident workflow update ticket with attachment update ticket configurations pem file authentication authenticates using pem certificate configuration parameters parameter description type required url string required pem b64 pem certificate in base64 format string required pkcs12 file authentication authenticates using pem certificate configuration parameters parameter description type required url string required pkcs12 b64 pkcs12 certificate in base64 format string required pkcs12 password pkcs12 certificate password string required actions create ticket request create a ticket given the provided parameters endpoint url /sws/tickets asmx?wsdl method get input argument name type required description requestcreatedoc object required parameter for create ticket request clientreference string optional parameter for create ticket request requestcategory string required parameter for create ticket request urgencyname string required name of the resource description string optional parameter for create ticket request requestedbyorgname string required name of the resource devicename string optional name of the resource assignedtoorgname string required name of the resource activitylog string optional parameter for create ticket request output parameter type description status code number http status code of the response reason string response reason phrase example \[ { "status code" 200, "response headers" { "cache control" "private, max age=0", "content type" "text/xml; charset=utf 8", "content encoding" "gzip", "vary" "accept encoding", "server" "microsoft iis/10 0", "x aspnet version" "2 0 50727", "x powered by" "asp net", "x powered by plesk" "pleskwin", "date" "mon, 25 sep 2023 19 13 34 gmt", "content length" "370", "cf team" "1b6f5bf266000079de27ebb400000001" }, "reason" "ok", "json body" {} } ] create ticket request with attachment create a ticket given the provided parameters and attachments endpoint url /sws/tickets asmx?wsdl method get input argument name type required description requestcreatedoc object required parameter for create ticket request with attachment clientreference string optional parameter for create ticket request with attachment requestcategory string required parameter for create ticket request with attachment urgencyname string required name of the resource description string optional parameter for create ticket request with attachment requestedbyorgname string required name of the resource devicename string optional name of the resource assignedtoorgname string required name of the resource activitylog string optional parameter for create ticket request with attachment attachments array required parameter for create ticket request with attachment attachment object optional parameter for create ticket request with attachment name string optional name of the resource content string optional base64 encoded file content attachmentcomments string optional parameter for create ticket request with attachment output parameter type description status code number http status code of the response reason string response reason phrase example \[ { "status code" 200, "response headers" { "cache control" "private, max age=0", "content type" "text/xml; charset=utf 8", "content encoding" "gzip", "vary" "accept encoding", "server" "microsoft iis/10 0", "x aspnet version" "2 0 50727", "x powered by" "asp net", "x powered by plesk" "pleskwin", "date" "mon, 25 sep 2023 19 13 34 gmt", "content length" "370", "cf team" "1b6f5bf266000079de27ebb400000001" }, "reason" "ok", "json body" {} } ] get incident categories get list of valid incident categories endpoint url /sws/incidents asmx?wsdl method get output parameter type description status code number http status code of the response reason string response reason phrase example \[ { "status code" 200, "response headers" { "cache control" "private, max age=0", "content type" "text/xml; charset=utf 8", "content encoding" "gzip", "vary" "accept encoding", "server" "microsoft iis/10 0", "x aspnet version" "2 0 50727", "x powered by" "asp net", "x powered by plesk" "pleskwin", "date" "mon, 25 sep 2023 19 13 34 gmt", "content length" "370", "cf team" "1b6f5bf266000079de27ebb400000001" }, "reason" "ok", "json body" {} } ] get incident severities get list of incident severities endpoint url /sws/incidents asmx?wsdl method get output parameter type description status code number http status code of the response reason string response reason phrase example \[ { "status code" 200, "response headers" { "cache control" "private, max age=0", "content type" "text/xml; charset=utf 8", "content encoding" "gzip", "vary" "accept encoding", "server" "microsoft iis/10 0", "x aspnet version" "2 0 50727", "x powered by" "asp net", "x powered by plesk" "pleskwin", "date" "mon, 25 sep 2023 19 13 34 gmt", "content length" "370", "cf team" "1b6f5bf266000079de27ebb400000001" }, "reason" "ok", "json body" {} } ] get recent alarm list gets the list of recent alarms based on the passed in parameters endpoint url /sws/alarms asmx?wsdl method get input argument name type required description starttimestampgmt string required parameter for get recent alarm list endtimestampgmt string optional parameter for get recent alarm list alarmstatuses string optional comma seperated list of valid statuses devicenames string optional name of the resource assignedtoorganizations string optional comma seperated list of valid organizations alarmids string optional comma seperated list of valid alarm ids urgencyfilters string optional comma delimited list of valid alarms urgency categories string optional comma delimited list of valid alarms categories clientreference string optional comma delimited list of client reference values; since some clientreference values may have commas, the individual values are matched with a like operator maxalarms string optional the maximum number of alarms to return output parameter type description status code number http status code of the response reason string response reason phrase example \[ { "status code" 200, "response headers" { "cache control" "private, max age=0", "content type" "text/xml; charset=utf 8", "content encoding" "gzip", "vary" "accept encoding", "server" "microsoft iis/10 0", "x aspnet version" "2 0 50727", "x powered by" "asp net", "x powered by plesk" "pleskwin", "date" "mon, 25 sep 2023 19 13 34 gmt", "content length" "370", "cf team" "1b6f5bf266000079de27ebb400000001" }, "reason" "ok", "json body" {} } ] get recent incident list this method returns a list of incidents based on given search parameters, which have been modified between/after specified dates endpoint url /sws/incidents asmx?wsdl method get input argument name type required description severity string optional comma delimited list of valid security incident severities set by clients sourceorganization string optional comma delimited list of valid organizations destinationorganization string optional comma delimited list of valid organizations maxincidents string optional the maximum number of incidents to return sourceip string optional comma delimited list of valid source ip addresses category string optional comma delimited list of valid security incident categories excludecategory string optional comma delimited list of valid security incident categories starttimestampgmt string required only return incidents created since the specified date endtimestampgmt string optional only return incidents created before the specified date output parameter type description status code number http status code of the response reason string response reason phrase example \[ { "status code" 200, "reason" "ok", "response headers" {}, "json body" {} } ] incident add attachment add incident attachment endpoint url /sws/incidents asmx?wsdl method get input argument name type required description incidentnumber number required unique identifier attachmentdata array required response data name string optional name of the resource content string optional base64 encoded file content attachmentcomment string optional parameter for incident add attachment output parameter type description status code number http status code of the response reason string response reason phrase example \[ { "status code" 200, "response headers" { "cache control" "private, max age=0", "content type" "text/xml; charset=utf 8", "content encoding" "gzip", "vary" "accept encoding", "server" "microsoft iis/10 0", "x aspnet version" "2 0 50727", "x powered by" "asp net", "x powered by plesk" "pleskwin", "date" "mon, 25 sep 2023 19 13 34 gmt", "content length" "370", "cf team" "1b6f5bf266000079de27ebb400000001" }, "reason" "ok", "json body" {} } ] list ticket categories gets a list of valid ticket categories endpoint url /sws/tickets asmx?wsdl method get output parameter type description status code number http status code of the response reason string response reason phrase example \[ { "status code" 200, "response headers" { "cache control" "private, max age=0", "content type" "text/xml; charset=utf 8", "content encoding" "gzip", "vary" "accept encoding", "server" "microsoft iis/10 0", "x aspnet version" "2 0 50727", "x powered by" "asp net", "x powered by plesk" "pleskwin", "date" "mon, 25 sep 2023 19 13 34 gmt", "content length" "370", "cf team" "1b6f5bf266000079de27ebb400000001" }, "reason" "ok", "json body" {} } ] list ticket statuses gets a list of valid ticket statuses endpoint url /sws/tickets asmx?wsdl method get output parameter type description status code number http status code of the response reason string response reason phrase example \[ { "status code" 200, "response headers" { "cache control" "private, max age=0", "content type" "text/xml; charset=utf 8", "content encoding" "gzip", "vary" "accept encoding", "server" "microsoft iis/10 0", "x aspnet version" "2 0 50727", "x powered by" "asp net", "x powered by plesk" "pleskwin", "date" "mon, 25 sep 2023 19 13 34 gmt", "content length" "370", "cf team" "1b6f5bf266000079de27ebb400000001" }, "reason" "ok", "json body" {} } ] list ticket urgencies gets a list of valid ticket urgencies endpoint url /sws/tickets asmx?wsdl method get input argument name type required description ticketid string optional unique identifier clientreference string optional parameter for list ticket urgencies output parameter type description status code number http status code of the response reason string response reason phrase example \[ { "status code" 200, "response headers" { "cache control" "private, max age=0", "content type" "text/xml; charset=utf 8", "content encoding" "gzip", "vary" "accept encoding", "server" "microsoft iis/10 0", "x aspnet version" "2 0 50727", "x powered by" "asp net", "x powered by plesk" "pleskwin", "date" "mon, 25 sep 2023 19 13 34 gmt", "content length" "370", "cf team" "1b6f5bf266000079de27ebb400000001" }, "reason" "ok", "json body" {} } ] query incident retrieve an incident by incident number endpoint url /sws/incidents asmx?wsdl method get input argument name type required description incidentnumber number optional unique identifier maxsignatures string optional parameter for query incident output parameter type description status code number http status code of the response reason string response reason phrase example \[ { "status code" 200, "response headers" { "cache control" "private, max age=0", "content type" "text/xml; charset=utf 8", "content encoding" "gzip", "vary" "accept encoding", "server" "microsoft iis/10 0", "x aspnet version" "2 0 50727", "x powered by" "asp net", "x powered by plesk" "pleskwin", "date" "mon, 25 sep 2023 19 13 34 gmt", "content length" "370", "cf team" "1b6f5bf266000079de27ebb400000001" }, "reason" "ok", "json body" {} } ] query ticket returns details of a given ticket by ticket id or client reference if both fields are specified, only the ticket id will be used endpoint url /sws/tickets asmx?wsdl method get input argument name type required description ticketid string required unique identifier clientreference string optional parameter for query ticket output parameter type description status code number http status code of the response reason string response reason phrase example \[ { "status code" 200, "response headers" { "cache control" "private, max age=0", "content type" "text/xml; charset=utf 8", "content encoding" "gzip", "vary" "accept encoding", "server" "microsoft iis/10 0", "x aspnet version" "2 0 50727", "x powered by" "asp net", "x powered by plesk" "pleskwin", "date" "mon, 25 sep 2023 19 13 34 gmt", "content length" "370", "cf team" "1b6f5bf266000079de27ebb400000001" }, "reason" "ok", "json body" {} } ] update incident workflow update an incident workflow endpoint url /sws/incidents asmx?wsdl method get input argument name type required description incidentnumber number required unique identifier status string required status value resolution string required parameter for update incident workflow reference string optional parameter for update incident workflow severity string required parameter for update incident workflow assignedtoorganization string optional parameter for update incident workflow assignedtoperson string optional parameter for update incident workflow comments string optional parameter for update incident workflow isgroupupdate boolean optional date value output parameter type description status code number http status code of the response reason string response reason phrase example \[ { "status code" 200, "response headers" { "cache control" "private, max age=0", "content type" "text/xml; charset=utf 8", "content encoding" "gzip", "vary" "accept encoding", "server" "microsoft iis/10 0", "x aspnet version" "2 0 50727", "x powered by" "asp net", "x powered by plesk" "pleskwin", "date" "mon, 25 sep 2023 19 13 34 gmt", "content length" "370", "cf team" "1b6f5bf266000079de27ebb400000001" }, "reason" "ok", "json body" {} } ] update ticket update a ticket given the provided parameters endpoint url /sws/tickets asmx?wsdl method get input argument name type required description ticketupdatedoc object required parameter for update ticket requestcategory string optional parameter for update ticket urgencyname string optional name of the resource description string optional parameter for update ticket devicename string optional name of the resource activitylog string optional parameter for update ticket requesttoclose boolean optional parameter for update ticket output parameter type description status code number http status code of the response reason string response reason phrase example \[ { "status code" 200, "response headers" { "cache control" "private, max age=0", "content type" "text/xml; charset=utf 8", "content encoding" "gzip", "vary" "accept encoding", "server" "microsoft iis/10 0", "x aspnet version" "2 0 50727", "x powered by" "asp net", "x powered by plesk" "pleskwin", "date" "mon, 25 sep 2023 19 13 34 gmt", "content length" "370", "cf team" "1b6f5bf266000079de27ebb400000001" }, "reason" "ok", "json body" {} } ] update ticket with attachment update a ticket given the provided parameters (ticketupdatedoc, requesttoclose, attachments, attachmentcomments) each request supports only 20 attachment and soap message of size 100mb endpoint url /sws/tickets asmx?wsdl method get input argument name type required description ticketupdatedoc object required parameter for update ticket with attachment requestcategory string optional parameter for update ticket with attachment urgencyname string optional name of the resource description string optional parameter for update ticket with attachment devicename string optional name of the resource activitylog string optional parameter for update ticket with attachment requesttoclose boolean optional parameter for update ticket with attachment attachments array required parameter for update ticket with attachment attachment object optional parameter for update ticket with attachment name string optional name of the resource content string optional base64 encoded file content attachmentcomments string optional parameter for update ticket with attachment output parameter type description status code number http status code of the response reason string response reason phrase example \[ { "status code" 200, "response headers" { "cache control" "private, max age=0", "content type" "text/xml; charset=utf 8", "content encoding" "gzip", "vary" "accept encoding", "server" "microsoft iis/10 0", "x aspnet version" "2 0 50727", "x powered by" "asp net", "x powered by plesk" "pleskwin", "date" "mon, 25 sep 2023 19 13 34 gmt", "content length" "370", "cf team" "1b6f5bf266000079de27ebb400000001" }, "reason" "ok", "json body" {} } ] response headers header description example cache control directives for caching mechanisms private, max age=0 cf team http response header cf team 1b6f5bf266000079de27ebb400000001 content encoding http response header content encoding gzip content length the length of the response body in bytes 370 content type the media type of the resource text/xml; charset=utf 8 date the date and time at which the message was originated mon, 25 sep 2023 19 13 34 gmt server information about the software used by the origin server microsoft iis/10 0 vary http response header vary accept encoding x aspnet version http response header x aspnet version 2 0 50727 x powered by http response header x powered by asp net x powered by plesk http response header x powered by plesk pleskwin notes documentation tickets https //api monitoredsecurity com/sws/tickets asmxincidents https //api monitoredsecurity com/sws/incidents asmxalarms https //api monitoredsecurity com/sws/alarms asmx