# Orca Security
Orca Security is a cloud posture management product that alerts customers on vulnerabilities, configuration issues, and lateral movement challenges.

## Prerequisites

This connector requires either an email and password or just an API token.

## Capabilities

This connector provides the following capabilities:

- Get alerts
- Get alert by id
- Get assets
- Get asset by id

## Configurations

### API key authentication

Authenticates using an API key.

Configuration parameters

| Parameter | Description | Type | Required |
| --- | --- | --- | --- |
| URL | A URL to the target host | string | required |
| API token | The API token | string | required |
| Verify SSL | Verify SSL certificate | boolean | optional |
| HTTP proxy | A proxy to route requests through | string | optional |

### HTTP basic authentication

Authenticates using username and password.

Configuration parameters

| Parameter | Description | Type | Required |
| --- | --- | --- | --- |
| URL | A URL to the target host | string | required |
| Username | Provide system account email here | string | required |
| Password | Password | string | required |
| Verify SSL | Verify SSL certificate | boolean | optional |
| HTTP proxy | A proxy to route requests through | string | optional |

## Actions

### Get alert id

Retrieve information about an alert.

Endpoint URL: `api/alerts/{{alert id}}`

Method: GET

Input argument

| Name | Type | Required | Description |
| --- | --- | --- | --- |
| alert id | string | required | Unique identifier |

Output

| Parameter | Type | Description |
| --- | --- | --- |
| status code | number | HTTP status code of the response |
| reason | string | Response reason phrase |
| version | string | Output field version |
| status | string | Status value |
| data grouped | boolean | Response data |
| total supported items | string | Output field total supported items |
| total ungrouped items | number | Output field total ungrouped items |
| total items | number | Output field total items |
| data | array | Response data |
| file name | string | Name of the resource |
| file | string | Output field file |

Example

```json
[
  {
    "status code": 200,
    "response headers": {
      "date": "mon, 03 jul 2023 07:14:22 gmt",
      "content-type": "application/json",
      "content-length": "141",
      "connection": "keep-alive",
      "server": " ",
      "vary": "accept, cookie, origin",
      "allow": "get, head, options",
      "access-control-expose-headers": "x-orca-request-id",
      "x-orca-request-id": "5ad6b9ec-11e2-4554-a019-52d5fe404098",
      "x-amzn-trace-id": "root=1-64a27546-5879da2e06884d6f6bb7bcb9",
      "x-frame-options": "deny",
      "x-content-type-options": "nosniff",
      "referrer-policy": "same-origin"
    },
    "reason": "ok",
    "json body": {
      "version": "0.1.0",
      "status": "success",
      "data grouped": true,
      "total supported items": "1000",
      "total ungrouped items": 0,
      "total items": 0,
      "data": []
    }
  }
]
```

### Get alerts

Retrieve information about alerts.

Endpoint URL: `api/alerts`

Method: GET

Input argument

| Name | Type | Required | Description |
| --- | --- | --- | --- |
| asset unique id | string | optional | Unique identifier |
| cloud provider id | string | optional | Unique identifier |
| asset type | string | optional | Type of the resource |
| asset state | string | optional | Parameter for get alerts |
| asset labels | string | optional | Parameter for get alerts |
| type | string | optional | Type of the resource |
| category | string | optional | Parameter for get alerts |
| alert labels | string | optional | Parameter for get alerts |
| asset role names | string | optional | Name of the resource |
| asset ingress ports | string | optional | Parameter for get alerts |
| asset availability zones | string | optional | Parameter for get alerts |
| asset regions | string | optional | Parameter for get alerts |
| asset vpcs | string | optional | Parameter for get alerts |
| asset tags info list | string | optional | Parameter for get alerts |
| asset orca tags info list | string | optional | Parameter for get alerts |
| asset custom tags info list | string | optional | Parameter for get alerts |
| state status | string | optional | Status value |
| state orca score | number | optional | Score value |
| state risk level | string | optional | Parameter for get alerts |
| state score | number | optional | Score value |
| state severity | string | optional | Parameter for get alerts |
| limit | string | optional | Parameter for get alerts |

Output

| Parameter | Type | Description |
| --- | --- | --- |
| status code | number | HTTP status code of the response |
| reason | string | Response reason phrase |
| version | string | Output field version |
| status | string | Status value |
| total items | number | Output field total items |
| total ungrouped items | number | Output field total ungrouped items |
| data grouped | boolean | Response data |
| total supported items | string | Output field total supported items |
| data | array | Response data |
| group val | string | Output field group val |
| asset type string | string | Type of the resource |
| data | object | Response data |
| recommendation | string | Output field recommendation |
| details | string | Output field details |
| title | string | Output field title |
| alert labels | array | Output field alert labels |
| configuration | object | Output field configuration |
| is compliance | boolean | Output field is compliance |
| group type string | string | Type of the resource |
| description | string | Output field description |
| recommendation | string | Output field recommendation |
| source | string | Output field source |
| group type | string | Type of the resource |
| cluster type | string | Type of the resource |
| type | string | Type of the resource |

Example

```json
[
  {
    "status code": 200,
    "response headers": {
      "date": "mon, 03 jul 2023 07:14:22 gmt",
      "content-type": "application/json",
      "content-length": "141",
      "connection": "keep-alive",
      "server": " ",
      "vary": "accept, cookie, origin",
      "allow": "get, head, options",
      "access-control-expose-headers": "x-orca-request-id",
      "x-orca-request-id": "5ad6b9ec-11e2-4554-a019-52d5fe404098",
      "x-amzn-trace-id": "root=1-64a27546-5879da2e06884d6f6bb7bcb9",
      "x-frame-options": "deny",
      "x-content-type-options": "nosniff",
      "referrer-policy": "same-origin"
    },
    "reason": "ok",
    "json body": {
      "version": "0.1.0",
      "status": "success",
      "total items": 9,
      "total ungrouped items": 9,
      "data grouped": true,
      "total supported items": "1",
      "data": []
    }
  }
]
```

### Get asset unique id

Retrieve information about an asset.

Endpoint URL: `api/assets/{{asset unique id}}`

Method: GET

Input argument

| Name | Type | Required | Description |
| --- | --- | --- | --- |
| asset unique id | string | required | Unique identifier |

Output

| Parameter | Type | Description |
| --- | --- | --- |
| status code | number | HTTP status code of the response |
| reason | string | Response reason phrase |
| version | string | Output field version |
| status | string | Status value |
| data grouped | boolean | Response data |
| total supported items | string | Output field total supported items |
| total ungrouped items | number | Output field total ungrouped items |
| total items | number | Output field total items |
| data | array | Response data |
| file name | string | Name of the resource |
| file | string | Output field file |

Example

```json
[
  {
    "status code": 200,
    "response headers": {
      "date": "mon, 03 jul 2023 07:14:22 gmt",
      "content-type": "application/json",
      "content-length": "141",
      "connection": "keep-alive",
      "server": " ",
      "vary": "accept, cookie, origin",
      "allow": "get, head, options",
      "access-control-expose-headers": "x-orca-request-id",
      "x-orca-request-id": "5ad6b9ec-11e2-4554-a019-52d5fe404098",
      "x-amzn-trace-id": "root=1-64a27546-5879da2e06884d6f6bb7bcb9",
      "x-frame-options": "deny",
      "x-content-type-options": "nosniff",
      "referrer-policy": "same-origin"
    },
    "reason": "ok",
    "json body": {
      "version": "0.1.0",
      "status": "success",
      "data grouped": true,
      "total supported items": "1000",
      "total ungrouped items": 0,
      "total items": 0,
      "data": []
    }
  }
]
```

### Get assets

Retrieve information about assets.

Endpoint URL: `api/assets`

Method: GET

Input argument

| Name | Type | Required | Description |
| --- | --- | --- | --- |
| asset unique id | string | optional | Unique identifier |
| cloud provider id | string | optional | Unique identifier |
| asset type | string | optional | Type of the resource |
| asset state | string | optional | Parameter for get assets |
| asset labels | string | optional | Parameter for get assets |
| type | string | optional | Type of the resource |
| internet facing | string | optional | Parameter for get assets |
| tags info list | string | optional | Parameter for get assets |
| orca tags info list | string | optional | Parameter for get assets |
| custom tags info list | string | optional | Parameter for get assets |
| compute regions | string | optional | Parameter for get assets |
| compute vpcs | string | optional | Parameter for get assets |
| state orca score | number | optional | Score value |
| state risk level | string | optional | Parameter for get assets |
| state score | number | optional | Score value |
| state severity | string | optional | Parameter for get assets |

Output

| Parameter | Type | Description |
| --- | --- | --- |
| status code | number | HTTP status code of the response |
| reason | string | Response reason phrase |
| version | string | Output field version |
| status | string | Status value |
| total items | number | Output field total items |
| total ungrouped items | number | Output field total ungrouped items |
| data grouped | boolean | Response data |
| total supported items | string | Output field total supported items |
| data | array | Response data |
| vm | object | Output field vm |
| imagename | string | Name of the resource |
| imageownerid | string | Unique identifier |
| imageispublic | string | Output field imageispublic |
| imageid | string | Unique identifier |
| imagedescription | string | Output field imagedescription |
| instancetype | string | Type of the resource |
| name | string | Name of the resource |
| compute | object | Output field compute |
| securitygroups | array | Output field securitygroups |
| distributioninfosite | string | Output field distributioninfosite |
| vpclist | object | Output field vpclist |
| models | array | Output field models |
| model | object | Output field model |
| remaining | number | Output field remaining |
| privatednss | array | Output field privatednss |

Example

```json
[
  {
    "status code": 200,
    "response headers": {
      "date": "mon, 03 jul 2023 07:14:22 gmt",
      "content-type": "application/json",
      "content-length": "141",
      "connection": "keep-alive",
      "server": " ",
      "vary": "accept, cookie, origin",
      "allow": "get, head, options",
      "access-control-expose-headers": "x-orca-request-id",
      "x-orca-request-id": "5ad6b9ec-11e2-4554-a019-52d5fe404098",
      "x-amzn-trace-id": "root=1-64a27546-5879da2e06884d6f6bb7bcb9",
      "x-frame-options": "deny",
      "x-content-type-options": "nosniff",
      "referrer-policy": "same-origin"
    },
    "reason": "ok",
    "json body": {
      "version": "0.1.0",
      "status": "success",
      "total items": 9,
      "total ungrouped items": 9,
      "data grouped": true,
      "total supported items": "1",
      "data": []
    }
  }
]
```

## Response headers

| Header | Description | Example |
| --- | --- | --- |
| access-control-expose-headers | HTTP response header access-control-expose-headers | x-orca-request-id |
| allow | HTTP response header allow | get, head, options |
| connection | HTTP response header connection | keep-alive |
| content-length | The length of the response body in bytes | 141 |
| content-type | The media type of the resource | application/json |
| date | The date and time at which the message was originated | mon, 03 jul 2023 07:14:22 gmt |
| referrer-policy | HTTP response header referrer-policy | same-origin |
| server | Information about the software used by the origin server | |
| vary | HTTP response header vary | accept, cookie, origin |
| x-amzn-trace-id | HTTP response header x-amzn-trace-id | root=1-64a27546-5879da2e06884d6f6bb7bcb9 |
| x-content-type-options | HTTP response header x-content-type-options | nosniff |
| x-frame-options | HTTP response header x-frame-options | deny |
| x-orca-request-id | HTTP response header x-orca-request-id | 5ad6b9ec-11e2-4554-a019-52d5fe404098 |