Demo Data

8 min

the demo data connector simulates incident response activities, allowing users to generate and manage alert triage records for testing and training purposes the demo data connector is an essential tool for security teams using swimlane turbine to simulate and train on security incidents it enables the creation of alert triage records within the demo data application, facilitating the practice of incident response processes by integrating with demo data, users can customize the fields returned in each record, ensuring that they can focus on the most relevant data for their training scenarios this connector streamlines the setup of simulated incidents, allowing teams to efficiently test and refine their security playbooks and response strategies prerequisites to effectively utilize the demo data connector within swimlane turbine, ensure you have the following prerequisites http basic authentication with the following parameters url endpoint for the demo data application username your demo data application username password your demo data application password swimlane app the specific swimlane application where the connector will be used payload { "finding uid" "str", "sla hours" 1, "event name" "str", "user metadata department" "str", "user metadata title" "str", "critical asset" "str", "vip user" "str", "event timestamp" "datetime", "user" "str", "authentication metadata modified time" "datetime", "meta product name" "str", "src endpoint ip" "str", "dst endpoint ip" "str", "event organization" "str", "src endpoint hostname" "str", "lookup results" { "observable" { "type" {}, "value" {} }, "verdict" "str", "tool" "str" }, "verdict" "str", "severity" "str", "determination" "str", "data points count" "1" } configurations http basic authentication authenticates using username and password configuration parameters parameter description type required url a url to the target host string required username username string required password password string required swapp swimlane app to insert the records string required verify ssl verify ssl certificate boolean optional http proxy a proxy to route requests through string optional actions create alert triage records generates new alert triage records within the demo data application to streamline incident response processes endpoint method get input argument name type required description records to create number optional parameter for create alert triage records required fields array optional fields to be returned defaults to all input example {"records to create" 5,"required fields" "finding uid"} response headers header description example content type the media type of the resource application/json date the date and time at which the message was originated thu, 01 jan 2024 00 00 00 gmt