About the connector
Commvault is an Intelligent Data Services platform that helps you close the business integrity gap, keeping your data available and ready for business growth. This connector facilitates operations to get alerts, and get and update the user details.
This document provides information about the Commvault Connector, which facilitates automated interactions, with a Commvault server using FortiSOAR™ playbooks. Add the Commvault Connector as a step in FortiSOAR™ playbooks and perform automated operations with Commvault.
Version information
Connector Version: 1.0.0
Authored By: Fortinet
Certified: No
Installing the connector
Use the Content Hub to install the connector. For the detailed procedure to install a connector, click here.
You can also use the yum command as a root user to install the connector:
yum install cyops-connector-commvault
Prerequisites to configuring the connector
- You must have the URL of the Commvault server to connect and perform automated operations, and credentials to access that server.
- The FortiSOAR™ server should have outbound connectivity to port 443 on the Commvault server.
Minimum Permissions Required
Configuring the connector
For the procedure to configure a connector, click here
Configuration parameters
In FortiSOAR™, on the Connectors page, click the Commvault connector row (if you are in the Grid view on the Connectors page) and in the Configurations tab enter the required configuration details:
| Parameter |
Description |
| Server URL |
The service-based URL to which you connect and perform automated operations. |
| Username |
Username to access the Commvault server for connecting and performing actions. |
| Password |
Password to access the Commvault server to which you connect and perform actions. |
| Verify SSL |
Specifies whether the SSL certificate for the server is to be verified or not.
By default, this option is set to True. |
Actions supported by the connector
The following automated operations can be included in playbooks and you can also use the annotations to access operations:
| Function |
Description |
Annotation and Category |
| Get Alerts List |
Retrieves a detailed list of alerts from the Commvault server. |
list_of_alerts
Investigation |
| Get Alert Details |
Retrieves details about a specific alert from Commvault based on the alert ID that you have specified. |
alert_details
Investigation |
| Get Users List |
Retrieves a detailed list of users from the Armis server based on filters like Alert ID |
list_of_users
Investigation |
| Update User Details |
Updates the properties of a specific user on the Commvault server based on the user ID that you have specified. |
update_user
Investigation |
operation: Get Alerts List
Input parameters
None.
Output
The output contains the following populated JSON schema:
{
"myReceiveTotal": "",
"myCreatedTotal": "",
"alertList": [
{
"notifType": "",
"description": "",
"createdTime": "",
"status": "",
"creator": {
"name": "",
"id": ""
},
"alertType": {
"name": "",
"id": ""
},
"alert": {
"name": "",
"id": ""
},
"alertCategory": {
"name": "",
"id": ""
}
}
]
}
operation: Get Alert Details
Input parameters
| Parameter |
Description |
| Alert ID |
Specify the ID of the alert whose details you want to retrieve from Commvault. |
Output
The output contains the following populated JSON schema:
{
"alertDetail": {
"alertSeverity": "",
"eventCriteriaXML": "",
"escalationSeverity": "",
"checkForEventParams": "",
"customQueryDetailsXml": "",
"alertTokenRuleGroupXml": "",
"xmlEntityList": "",
"periodicNotificationInterval": "",
"securityAssociations": {
"ownerAssociations": {}
},
"criteria": [
{
"reportId": "",
"criteriaId": "",
"esclationLevel": "",
"persistTimeSeconds": "",
"reportingOptions": "",
"delayTimeSeconds": "",
"value": "",
"taskId": ""
}
],
"locale": {
"localeName": "",
"localeID": ""
},
"alert": {
"notifType": "",
"GUID": "",
"description": "",
"createdTime": "",
"origCCId": "",
"escNotifType": "",
"status": "",
"creator": {
"name": "",
"id": ""
},
"alertType": {
"name": "",
"id": ""
},
"alert": {
"name": "",
"id": ""
},
"alertCategory": {
"name": "",
"id": ""
}
},
"userGroupList": [
{
"id2": "",
"id1": "",
"name": ""
}
],
"criteriasSelected": [],
"reportingParams": {
"persistTimeSeconds": "",
"reportingOptions": "",
"delayTimeSeconds": ""
},
"appTypeFilters": {},
"regularNotifications": [],
"notifMsgs": [
{
"notifOptions": "",
"notifType": "",
"esclationLevel": "",
"notifMessage": "",
"messageFormat": "",
"notifMessageHtml": "",
"localeId": "",
"saveAlertToDisk": {
"password": "",
"alertLocation": "",
"cvpassword": "",
"useNetworkShare": "",
"loginName": "",
"impersonateUser": ""
},
"feeds": {
"seperateIndex": "",
"baseLocation": "",
"selectedChannel": "",
"rssFeedLocation": ""
},
"entity": {
"srmReportSet": "",
"type": "",
"srmReportType": "",
"clientSidePackage": "",
"_type_": "",
"consumeLicense": ""
}
}
],
"alertProperties": {}
}
}
operation: Get Users List
Input parameters
| Parameter |
Description |
| Level |
(Optional) Select a level to control the user properties included in the response based on your selection from the following options:
- 10: Select this option to fetch user properties such as the description and email address.
- 30: Select this option to fetch additional user properties such as quota information.
- 40: Select this option to fetch associated internal and external user groups, and security associations, in addition to the user properties returned by level 30.
- 50: Select this option to fetch users who can manage other users in addition to the information returned by level 40
|
Output
The output contains the following populated JSON schema:
{
"users": [
{
"removeOtherActiveSessions": "",
"associatedUserGroupsOperationType": "",
"idleTime": "",
"lastLogIntime": "",
"associatedExternalUserGroupsOperationType": "",
"loggedInMode": "",
"userEntity": {
"userGUID": "",
"userName": "",
"userId": ""
}
}
]
}
operation: Update User Details
Input parameters
| Parameter |
Description |
| User ID |
Specify the ID of the user whose details you want to update. |
| Description |
(Optional) Specify a general description of the user account which needs to be updated. |
| Associated User Groups Operation Type |
(Optional) Specify the operation to perform on the user group in the user group name element. |
| Age Password Days |
(Optional) Specify the number of days to keep the password active. |
| Password |
(Optional) Specify the updated password of the user to access the user account. |
| Email |
(Optional) Specify the email address of the user which needs to be updated. |
| Full Name |
(Optional) Specify the full name of the user whose details need to be updated. |
| Enable User |
(Optional) Select the checkbox to enable the user. By default the user is active and the checkbox is cleared. |
| User Group Names |
(Optional) Specify the name of the user group operated on by the associated user groups operation type element. |
| Username |
(Optional) Specify the name of the user whose details need to be updated. |
Output
The output contains the following populated JSON schema:
{
"processinginstructioninfo": {
"attributes": [
{
"name": "",
"value": ""
}
]
},
"response": [
{
"errorString": "",
"errorCode": "",
"entity": {
"userId": "",
"userName": ""
}
}
]
}
Included playbooks
The Sample - Commvault - 1.0.0 playbook collection comes bundled with the Commvault connector. These playbooks contain steps using which you can perform all supported actions. You can see bundled playbooks in the Automation > Playbooks section in FortiSOAR™ after importing the Commvault connector.
- Get Alert Details
- Get Alerts List
- Get Users List
- Update User Details
Note: If you are planning to use any of the sample playbooks in your environment, ensure that you clone those playbooks and move them to a different collection since the sample playbook collection gets deleted during connector upgrade and delete.
