Halaman ini diterjemahkan oleh Cloud Translation API.

Site24x7

Versi integrasi: 3.0

Cara mengonfigurasi integrasi

Sebagai root API, pilih salah satu nilai berikut:
- Amerika Serikat - https://www.site24x7.com/api
- Eropa - https://www.site24x7.eu
- China - https://www.site24x7.cn
- India - https://www.site24x7.in
- Australia - https://www.site24x7.net.au/api
Buka konsol Zoho API:
- Amerika Serikat - https://accounts.zoho.com
- Eropa -https://accounts.zoho.eu
- China -https://accounts.zoho.com.cn
- India -https://accounts.zoho.in
- Australia -https://accounts.zoho.com.au
Tekan "Tambahkan Klien".
Buat Klien Mandiri.
Buka Tab "Client Secret", lalu salin "Client ID" dan "Client Secret".
Berikan "Client ID" dan "Client Secret" dalam konfigurasi integrasi.
Buka Tab "Generate Code", berikan cakupan berikut: "Site24x7.Operations.Read,Site24x0x2eAdmin.Read" dan beberapa "Scope Description" kustom.
Tekan tombol "Buat", lalu salin kode otorisasi.
Buka tindakan "Generate Refresh Token", berikan kode otorisasi dan jalankan.
Dari hasil JSON, salin "refresh_token" dan masukkan nilainya ke "Refresh Token" dalam konfigurasi integrasi.

Mengonfigurasi integrasi Site24x7 di Google Security Operations

Untuk mendapatkan petunjuk mendetail terkait cara mengonfigurasi integrasi di Google SecOps, lihat Mengonfigurasi integrasi.

Parameter integrasi

Gunakan parameter berikut untuk mengonfigurasi integrasi:

Nama Tampilan Parameter	Jenis	Nilai Default	Wajib	Deskripsi
Root API	String	https://www.site24x7.{region}	Ya	Root API instance Site24x7.
ID Klien	String	T/A	Ya	ID Klien instance Site24x7.
Rahasia Klien	Sandi	T/A	Ya	Rahasia Klien instance Site24x7.
Token Refresh	Sandi	T/A	Ya	Token Refresh instance Site24x7.
Verifikasi SSL	Kotak centang	Dicentang	Ya	Jika diaktifkan, akan memverifikasi bahwa sertifikat SSL untuk koneksi ke server Site24x7 valid.

Tindakan

Ping

Deskripsi

Uji konektivitas ke Site24x7 dengan parameter yang diberikan di halaman konfigurasi integrasi di tab Google Security Operations Marketplace.

Run On

Tindakan ini tidak dijalankan di entity.

Hasil Tindakan

Hasil Skrip

Nama Hasil Skrip	Opsi Nilai
is_success	is_success=False
is_success	is_success=True

Repositori Kasus

Kasus	Berhasil	Gagal	Pesan
jika berhasil	true	false	Berhasil terhubung ke server Site24x7 dengan parameter koneksi yang diberikan.
tidak berhasil	false	true	Gagal terhubung ke server Site24x7. Error: {0}".format(exception.stacktrace)

Buat Token Refresh

Deskripsi

Buat token refresh yang diperlukan untuk Konfigurasi integrasi.

Parameter

Nama Tampilan Parameter	Jenis	Nilai Default	Wajib	Deskripsi
Kode Otorisasi	Sandi	T/A	Ya	Tentukan kode otorisasi.

Run On

Tindakan ini tidak berjalan pada entity, dan tidak memiliki parameter input wajib.

Hasil Tindakan

Hasil Skrip

Nama Hasil Skrip	Opsi Nilai
is_success	is_success=False
is_success	is_success=True

Hasil JSON

{
"refresh_token": "{refresh token}"
}
``` ##### Case Wall

<table>
<thead>
<tr>
<th>Result type</th>
<th>Value/Description</th>
<th>Type</th>
</tr>
</thead>
<tbody>
<tr>
<td>Output message*</td>
<td><p><strong>The action should not fail nor stop a playbook execution:</strong><br><strong>if successful and no "error" in the response:</strong> <em></em> "Successfully generated the refresh token. Copy that refresh token and put it in the Integration configuration."</p><p><em></em></p><p><strong>The action should fail and stop a playbook execution:</strong><br><strong>if not successful:</strong> "Error executing action "{}". Reason: " {0}".format(exception.stacktrace)<br><strong></strong></p><p><strong>If "error" in the response (fail):</strong> "Error executing action "{}". Reason: " {0}".format(errors)</p></td>
<td>General</td>
</tr>
</tbody>
</table>

## Connector

## Site24x7 - Alerts Log Connector

#### Description

Pull information about alert logs from Site24x7.

#### Known Limitations

1.  If the monitor has a whitespace in it, the connector won't be able to
    extract it. Example: "backup site".
1.  If the monitor name is "Critical", "Down", "Up" or "Trouble", the connector
    may return unexpected results.

#### Configure Site24x7 - Alerts Log Connector in Google SecOps

For detailed instructions on how to configure a connector in
Google SecOps, see [Configuring the
connector](/chronicle/docs/soar/ingest/connectors/ingest-your-data-connectors).

##### Connector parameters

Use the following parameters to configure the connector:

<table>
<thead>
<tr>
<th>Parameter Display Name</th>
<th>Type</th>
<th>Default Value</th>
<th>Is Mandatory</th>
<th>Description</th>
</tr>
</thead>
<tbody>
<tr>
<td>Product Field Name</td>
<td>String</td>
<td>Product Name</td>
<td>Yes</td>
<td>Enter the source field name in order to retrieve the Product Field name.</td>
</tr>
<tr>
<td>Event Field Name</td>
<td>String</td>
<td>eventType</td>
<td>Yes</td>
<td>Enter the source field name in order to retrieve the Event Field name.</td>
</tr>
<tr>
<td>Environment Field Name</td>
<td>String</td>
<td>""</td>
<td>No</td>
<td><p>Describes the name of the field where the environment name is stored.</p>
<p>If the environment field isn't found, the environment is the default environment.</p></td>
</tr>
<tr>
<td>Environment Regex Pattern</td>
<td>String</td>
<td>.*</td>
<td>No</td>
<td><p>A regex pattern to run on the value found in the "Environment Field Name" field.</p>
<p>Default is .* to catch all and return the value unchanged.</p>
<p>Used to allow the user to manipulate the environment field via regex logic.</p>
<p>If the regex pattern is null or empty, or the environment value is null, the final environment result is the default environment.</p></td>
</tr>
<tr>
<td>Script Timeout (Seconds)</td>
<td>Integer</td>
<td>180</td>
<td>Yes</td>
<td>Timeout limit for the python process running the current script.</td>
</tr>
<tr>
<td>API Root</td>
<td>String</td>
<td>https://www.site24x7.{region}</td>
<td>Yes</td>
<td><p>API root of the Site24x7 instance. Possible api roots:</p>
<p>United States<br>https://www.site24x7.com</p>
<p>Europe<br>https://www.site24x7.eu</p>
<p>China<br>https://www.site24x7.cn</p>
<p>India<br>https://www.site24x7.in</p>
<p>Australia<br>https://www.site24x7.net.au</p></td>
</tr>
<tr>
<td>Client ID</td>
<td>String</td>
<td>N/A</td>
<td>Yes</td>
<td>Client ID of the Site24x7 instance.</td>
</tr>
<tr>
<td>Client Secret</td>
<td>Password</td>
<td>N/A</td>
<td>Yes</td>
<td>Client Secret of the Site24x7 instance.</td>
</tr>
<tr>
<td>Refresh Token</td>
<td>String</td>
<td></td>
<td>Yes</td>
<td>Site24x7 Refresh token. You can generate this token using action "Get Refresh Token"</td>
</tr>
<tr>
<td>Max Days Backwards</td>
<td>Integer</td>
<td>1</td>
<td>No</td>
<td>Amount of days from where to fetch alert logs.</td>
</tr>
<tr>
<td>Max Alert Logs To Fetch</td>
<td>Integer</td>
<td>10</td>
<td>No</td>
<td>How many alert logs to process per one connector iteration. Default: 100.</td>
</tr>
<tr>
<td>Use whitelist as a blacklist</td>
<td>Checkbox</td>
<td>Checked</td>
<td>Yes</td>
<td>If enabled, whitelist will be used as a blacklist.</td>
</tr>
<tr>
<td>Disable Overflow</td>
<td>Checkbox</td>
<td></td>
<td>Yes</td>
<td>If enabled, the connector will ignore the overflow mechanism.</td>
</tr>
<tr>
<td>Verify SSL</td>
<td>Checkbox</td>
<td>Checked</td>
<td>Yes</td>
<td>If enabled, verify the SSL certificate for the connection to the Site24x7 server is valid.</td>
</tr>
<tr>
<td>Proxy Server Address</td>
<td>String</td>
<td>N/A</td>
<td>No</td>
<td>The address of the proxy server to use.</td>
</tr>
<tr>
<td>Proxy Username</td>
<td>String</td>
<td>N/A</td>
<td>No</td>
<td>The proxy username to authenticate with.</td>
</tr>
<tr>
<td>Proxy Password</td>
<td>Password</td>
<td>N/A</td>
<td>No</td>
<td>The proxy password to authenticate with.</td>
</tr>
</tbody>
</table>

#### Connector rules

##### Proxy support

The connector supports proxy.

Need more help? Get answers from Community members and Google SecOps professionals.