Fortinet black logo

Tripwire IP360 v1.0.0

1.0.0
Copy Link
Copy Doc ID 94ffa702-d0ea-42d0-b9a9-888fefe5bf10:1

About the connector

Tripwire IP360 Connector provides an enterprise-class vulnerability management solution, whose vulnerability prioritization is more precise than basic scoring. It ranks vulnerabilities with a numeric score based on impact, ease of exploit, and age. Its unique fingerprinting technology limits scans to relevant device and application types.

This document provides information about the Tripwire IP360 connector, which facilitates automated interactions with a Tripwire IP360 server using FortiSOAR™ playbooks. Add the Tripwire IP360 connector as a step in FortiSOAR™ playbooks and perform automated operations, such as adding a new scan configuration for scanning on Tripwire IP360, retrieving available scan configurations from Tripwire IP360, and creating a new scan profile on Tripwire IP360.

Version information

Connector Version: 1.0.0

FortiSOAR™ Versions Tested on: 4.11.0-1161

Authored By: Fortinet

Certified: Yes

Installing the connector

All connectors provided by FortiSOAR™ are delivered using a FortiSOAR™ repository. Therefore, you must set up your FortiSOAR™ repository and use the yum command to install connectors:

yum install cyops-connector-tripwire-ip360

For the detailed procedure to install a connector, click here.

Prerequisites to configuring the connector

  • You must have the URL of Tripwire IP360 server to which you will connect and perform automated operations and credentials (username-password pair) to access that server.
  • To access the FortiSOAR™ UI, ensure that port 443 is open through the firewall for the FortiSOAR™ instance.

Configuring the connector

For the procedure to configure a connector, click here.

Configuration parameters

In FortiSOAR™, on the Connectors page, click the Tripwire IP360 connector row, and in the Configuration tab enter the required configuration details.

Parameter Description
Server URL URL of the Tripwire IP360 server to which you will connect and perform the automated operations.
Username Username configured for your account to access the Tripwire IP360 server to which you will connect and perform the automated operations
Password Password configured for your account to access the Tripwire IP360 server to which you will connect and perform the automated operations.
Verify SSL Specifies whether the SSL certificate for the server is to be verified or not.
By default, this option is set as True.

Actions supported by the connector

The following automated operations can be included in playbooks, and you can also use the annotations to access operations from FortiSOAR™ release 4.10.0 onwards:

Function Description Annotation and Category
Configure New Scan Adds a new scan configuration for scanning on Tripwire IP360. add_new_scan
Investigation
Get Scan Configurations Retrieves all scan configurations or a specific scan configuration, based on the search text you have specified, from Tripwire IP360. get_scans
Investigation
Update Scan Configuration Updates an existing scan configuration, based on the scan name and other input parameters you have specified, on Tripwire IP360. update_scan_config
Investigation
Delete Scan Configuration Deletes a scan configuration, based on the scan name you have specified, from Tripwire IP360. delete_scans
Investigation
Create Scan Profile Creates a new scan profile for scanning on Tripwire IP360. create_scan_profile
Investigation
Get Scan Profiles Retrieves all scan profiles or a specific scan profile, based on the search text you have specified, from Tripwire IP360. get_scan_profiles
Investigation
Update Scan Profile Updates an existing scan profile, based on the scan name and other input parameters you have specified, on Tripwire IP360. update_scan_profile
Investigation
Delete Scan Profile Deletes a scan profile, based on the profile name you have specified, from Tripwire IP360. delete_scan_profiles
Investigation
Create Network Creates a new network on Tripwire IP360. create_network
Investigation
Get Networks Retrieves information for all networks from Tripwire IP360. get_networks
Investigation
Update Network Updates an existing network based on the network name and other input parameters you have specified, on Tripwire IP360. update_network
Investigation
Delete Network Deletes a network, based on the network name you have specified, from Tripwire IP360. delete_network
Investigation
Start Scan Starts a scan on Tripwire IP360. start_scan
Investigation
Cancel Scan Cancels an ongoing scan on Tripwire IP360. cancel_scan
Investigation
Pause Scan Pauses an ongoing scan on Tripwire IP360. pause_scan
Investigation
Resume Scan Resumes a paused scan on Tripwire IP360. resume_scan
Investigation
Get Vulnerabilities Retrieves all vulnerabilities or a specific vulnerability based on the search text and other input parameters you have specified, from Tripwire IP360. get_vulnerabilities
Investigation
Run Agent Runs an axon agent for system data collection on Tripwire IP360. run_agent
Investigation
Get Agents Retrieves information for all axon agents or a specific axon agent, based on the search text and other input parameters you have specified, from Tripwire IP360. get_agent
Investigation
Get Assets Retrieves information for all assets or a specific asset based on the search text and other input parameters you have specified, from Tripwire IP360. get_assets
Investigation
Get Audits Retrieves information for all audits (scan activity details) or a specific audit based on the search text and other input parameters you have specified, from Tripwire IP360. get_audits
Investigation

operation: Configure New Scan

Input parameters

Parameter Description
Name Name of the scan that you want to create on the Tripwire IP360 server.
Status Select the Statuscheckbox, i.e., set it to True, if you want set the status of the scan to active. Otherwise, it remains Inactive.
By default, it is checked, i.e., it is set as True.
Scan Profile Scan profile used for scanning that will apply to the new scan that you want to create on the Tripwire IP360 server.
You can select the profile from the available profiles such as, Tripwire: Standard Profile, Tripwire: Host Inventory, Tripwire: Agent-only, which are listed in the Scan Profile drop-down list.
Network Network used for scanning that will apply to the new scan that you want to create on the Tripwire IP360 server.
You can select the network from the available networks, which are listed in the Network drop-down list.
Appliance Pool Appliance Pool used for scanning that will apply to the new scan that you want to create on the Tripwire IP360 server.
You can select the appliance pool from the available appliance pools, which are listed in the Appliance Pool drop-down list.
On Demand Select the On Demandcheckbox, i.e., set it to True, if you want set the scan type as On Demand.
By default, it is checked, i.e., it is set as True.
If True is selected from the On Demand drop-down box, then the Schedule Start drop-down box is displayed and if you select True from the Schedule Start drop-down box, i.e., if you want to create the new scan as a scheduled scan then you must specify the following parameters:
  • Scan Start DateTime: Datetime for the scan to start in the mm/dd/yyyy, hh:mm ss format.
  • Scan End DateTime: Datetime for the scan to start in the mm/dd/yyyy, hh:mm ss format.
  • Restrict IP Space: Restricts the scan to only the IP addresses, CIDRs, or ranges that you have specified and which are delimited by commas or spaces.
  • Debug Scan: Select the On Demand checkbox, i.e., set it to True, to enable debugging for the scan.
    By default, it is checked, i.e., it is set as True.

Output

The output contains the following populated JSON schema:

{
  "name": "",
  "url": "",
  "schedule_failed": "",
  "is_debug": "",
  "scan_end_datetime": "",
  "pool": "",
  "fault_string": "",
  "scan_profile": "",
  "scan_start_datetime": "",
  "range": "",
  "network": "",
  "rejected": "",
  "audit": ""
}

operation: Get Scan Configurations

Input parameters

Parameter Description
Search Text (Optional) Text based on which you want to filter scan configurations from Tripwire IP360.
If you do not specify any search content, then all available scan configurations are retrieved from Tripwire IP360.

Output

The output contains the following populated JSON schema:

{
  "count": "",
  "next": "",
  "previous": "",
  "results": [
    {
      "url": "",
      "name": "",
      "active": "",
      "status": "",
      "on_demand": "",
      "network": {
        "url": "",
        "name": "",
        "active": "",
        "owner": "",
        "notes": "",
        "scap_agent_persist": "",
        "favor_netbios_name": "",
        "asset_value": "",
        "include_ips": "",
        "exclude_ips": "",
        "effective_ranges": "",
        "host_tracking": {
          "correlation_threshold": "",
          "correlation_method": "",
          "correlation_values": {
            "DNS Name": "",
            "OS Fingerprint": "",
            "NetBIOS Name": "",
            "Port Signature": "",
            "IP Address": "",
            "Apparent MAC Address": "",
            "Operating System": ""
          }
        },
        "virtual_hosts": [],
        "system": ""
      },
      "scan_profile": {
        "url": "",
        "name": "",
        "active": "",
        "system": "",
        "discovery_tcp_ports": [],
        "discovery_tcp": "",
        "discovery_udp": "",
        "discovery_udp_ports": "",
        "discovery_icmp": "",
        "host_config_check": "",
        "background_port_scan": "",
        "background_port_scan_rate": "",
        "fingerprint_scan": "",
        "fingerprint_scan_legacy": "",
        "app_scan": "",
        "app_scan_limited": "",
        "app_scan_extensive": "",
        "udp_scan": "",
        "tcp_scan": "",
        "udp_scan_ports_exclude": "",
        "udp_scan_ports_include": [],
        "udp_scan_ports_only": "",
        "tcp_scan_ports_only": "",
        "tcp_scan_ports_include": [],
        "tcp_scan_ports_exclude": "",
        "vuln_scan": "",
        "vuln_scan_adjusted": "",
        "vuln_scan_adjusted_type": "",
        "vuln_scan_adjusted_vulns": [],
        "app_scan_adjusted": "",
        "app_scan_adjusted_type": "",
        "app_scan_adjusted_apps": [],
        "webapp_scan": "",
        "webapp_recursion_limit": "",
        "webapp_page_limit": "",
        "credentials_webhttp": "",
        "credentials_webform": "",
        "credentials_ssh": "",
        "credentials_smb": "",
        "credentials_snmp": "",
        "rules_auth_attempt": "",
        "rules_custom": "",
        "rules_intrusive": "",
        "rules_verified": "",
        "scap_scan": "",
        "scap_scan_policies": [],
        "rate_limit": "",
        "traversal_random": "",
        "schedule": "",
        "agent_only": ""
      },
      "pool": {
        "url": "",
        "name": "",
        "generated": "",
        "notes": "",
        "appliances": [
          {
            "url": "",
            "name": "",
            "ip_address": "",
            "authentication_key": "",
            "is_local": "",
            "software_version": "",
            "aap_uuid": "",
            "aspl_version": "",
            "cloud": "",
            "error": "",
            "reboot_pending": "",
            "last_reboot": "",
            "last_update": "",
            "last_update_seconds": "",
            "is_up": "",
            "default_soft_connection_limit": "",
            "soft_connection_limit": "",
            "hard_connection_limit": "",
            "hardware_type": "",
            "dns_servers": [],
            "interfaces": [
              {
                "name": "",
                "ip_address": ""
              }
            ],
            "aap_is_up": "",
            "aap_timestamp": "",
            "aap_agent_count": ""
          }
        ],
        "allow_agent_processing": ""
      },
      "last_completed_datetime": "",
      "next_scan_time": "",
      "next_scan_immediate": "",
      "fault_string": ""
    }
  ]
}

operation: Update Scan Configuration

Input parameters

Parameter Description
Scan Name Name of the scan that you want to update on the Tripwire IP360 server.
New Name New name of the existing scan that you want to update on the Tripwire IP360 server.
Status Select the Statuscheckbox, i.e., set it to True, if you want set the status of the scan to active. Otherwise, it remains Inactive.
By default, it is checked, i.e., it is set as True.
You can change the status of the specified existing scan.
Scan Profile Scan profile used for scanning that will apply to the existing specified scan that you want to update on the Tripwire IP360 server.
You can select the profile from the available profiles such as, Tripwire: Standard Profile, Tripwire: Host Inventory, Tripwire: Agent-only, which are listed in the Scan Profile drop-down list.
Network Network used for scanning that will apply to the existing specified scan that you want to update on the Tripwire IP360 server.
You can select the network from the available networks, which are listed in the Network drop-down list.
Appliance Pool Appliance Pool used for scanning that will apply to the existing specified scan that you want to update on the Tripwire IP360 server.
You can select the appliance pool from the available appliance pools, which are listed in the Appliance Pool drop-down list.
On Demand Select the On Demandcheckbox, i.e., set it to True, if you want set the scan type as On Demand.
By default, it is checked, i.e., it is set as True.
Schedule Start (Optional) You can change the scheduled start of the specified existing scheduled scan configuration.
If you select True from the Schedule Start drop-down box, i.e., if you want to update the existing specified scan as a scheduled scan then you must specify the following parameters:
  • Scan Start DateTime: Datetime for the scan to start in the mm/dd/yyyy, hh:mm ss format.
  • Scan End DateTime: Datetime for the scan to start in the mm/dd/yyyy, hh:mm ss format.
  • Restrict IP Space: Restricts the scan to only the IP addresses, CIDRs, or ranges that you have specified and which are delimited by commas or spaces.
  • Debug Scan: Select the On Demand checkbox, i.e., set it to True, to enable debugging for the scan. Otherwise, debugging for the scan is disabled.
    By default, it is checked, i.e., it is set as True.

Output

The output contains the following populated JSON schema:

{
  "url": "",
  "name": "",
  "active": "",
  "network": "",
  "scan_profile": "",
  "pool": "",
  "last_completed_datetime": "",
  "next_scan_immediate": "",
  "next_scan_time": "",
  "fault_string": ""
}

operation: Delete Scan Configuration

Input parameters

Parameter Description
Scan Name Name of the scan whose configuration you want to delete from Tripwire IP360.

Output

The output contains a string message containing the result of the operation, such as Successfully deleted scan configuration if the scan configuration is deleted successfully from Tripwire IP360.

operation: Create Scan Profile

Input parameters

Parameter Description
Name Name of the scan profile that you want to create on the Tripwire IP360 server.
Status Select the Statuscheckbox, i.e., set it to True, if you want set the status of the scan profile to active. Otherwise, it remains Inactive.
By default, it is checked, i.e., it is set as True.
Agent Only Scan Select the Agent Only Scan checkbox, i.e., set it to True, if you want the scan profile to include all assets with agents installed regardless of network.
By default, it is not checked, i.e., it is set as False.
Credentials Credential type for the scan profile that you want to create on the Tripwire IP360 server. You can choose from the following options: Windows, SSH, SNMP, HTTP, or Web Form.
Application Scan Select the Application Scan checkbox, i.e., set it to True, if you want the scan profile to include an application scan.
By default, it is checked, i.e., it is set as True.
Vulnerability Scan Select the Vulnerability Scan checkbox, i.e., set it to True, if you want the scan profile to include a vulnerability scan.
By default, it is checked, i.e., it is set as True.
Web Application Scan Select the Web Application Scan checkbox, i.e., set it to True, if you want the scan profile to include a web application scan.
By default, it is checked, i.e., it is set as True.
Webapp Recursion Limit (Optional) Webapp recursion limit to be set for the scan profile that you want to create on the Tripwire IP360 server.
Webapp Page Limit (Optional) Webapp page limit to be set for the scan profile that you want to create on the Tripwire IP360 server.
Discovery Scans Scan type to be used for the scan profile that you want to create on the Tripwire IP360 server. You can choose from the following options: OS Fingerprinting, Legacy OS Fingerprinting, Ping Scan, TCP Port Scan, or UDP Port Scan.
Discovery TCP Ports (Optional) TCP port list to be set for the scan profile that you want to create on the Tripwire IP360 server.
Discovery UDP Ports (Optional) UDP port list to be set for the scan profile that you want to create on the Tripwire IP360 server.
TCP Scan Ports Only (Optional) Restrict scanning of TCP ports to only the list specified in this field for the scan profile that you want to create on the Tripwire IP360 server.
TCP Scan Ports Include (Optional) List of TCP scan ports to be included in the scan profile that you want to create on the Tripwire IP360 server.
TCP Scan Ports Exclude (Optional) List of TCP scan ports to be excluded from the scan profile that you want to create on the Tripwire IP360 server.
UDP Scan Ports Include (Optional) List of UDP scan ports to be included in the scan profile that you want to create on the Tripwire IP360 server.
UDP Scan Ports Exclude (Optional) List of UDP scan ports to be excluded from the scan profile that you want to create on the Tripwire IP360 server.
Background Port Detection Select the Background Port Detection checkbox, i.e., set it to True, if you want the scan profile to include running of additional full port detection scans in the background to detect open ports not included in current scans. Discovered ports will automatically be used in future scans.
By default, it is not checked, i.e., it is set as False.
Background Port Rate Limit (Optional) Only applicable if you have selected the Background Port Detection option. Ports per second to be checked during full port detection scans in the background.
Scap Scan Select the Scap Scan checkbox, i.e., set it to True, if you want the scan profile to include a scap scan.
By default, it is not checked, i.e., it is set as False.
Scap Scan Policies (Optional) Only applicable if you have selected the >Scap Scan option. List of scap scan policies to be included in the scap scan.
Fast Application Scan Select the Fast Application Scan checkbox, i.e., set it to True, if you want to scan only the applications associated with the selected vulnerabilities.
By default, it is not checked, i.e., it is set as False.
IP Traversal (Optional) Type of IP Traversal to be included in the scan profile that you want to create on the Tripwire IP360 server. You can choose between Random or Sequential.
Host Configuration Check Select the Host Configuration Check checkbox, i.e., set it to True, if you want to include a host configuration check in the scan profile that you want to create on the Tripwire IP360 server.
By default, it is checked, i.e., it is set as True.
Extensive Application Scan Select the Extensive Application Scan checkbox, i.e., set it to True, if you want to include an extensive application scan in the scan profile that you want to create on the Tripwire IP360 server.
By default, it is not checked, i.e., it is set as False.
Rules Verified (Optional) All predefined rules, including customer-created rules will be flagged in the scan profile according to the option you select for this field. You can choose from the following options: Use, Require, or Exclude.
Rules Intrusive (Optional) Rules are run against lab systems will be included in the scan profile based on the option you select for this field. You can choose from the following options: Use, Require, or Exclude.
Custom Rules (Optional) Rules that are created by a user will be included in the scan profile based on the option you select for this field. You can choose from the following options: Use, Require, or Exclude.
Rate Limit (Optional) Rate limit for scanning to be included in the scan profile.
Vulnerability Scan Adjusted Select the Vulnerability Scan Adjusted checkbox, i.e., set it to True, if you want to scan only for applications associated with the selected vulnerabilities in the scan profile that you want to create on the Tripwire IP360 server.
By default, it is checked, i.e., it is set as True.
If Vulnerability Scan Adjusted checkbox is checked, i.e., set it to True, then the following fields are displayed, whose parameters you can set:
  • Vulnerability Scan Adjusted Type: (Optional) Set the type as Excluded or Only.
  • Vulnerability Scan Adjusted Vulns: (Optional) Specify the list of vulnerabilities to check.

Output

The output contains the following populated JSON schema:

{
  "name": "",
  "url": "",
  "active": "",
  "system": "",
  "discovery_tcp_ports": [],
  "discovery_tcp": "",
  "discovery_udp": "",
  "discovery_udp_ports": "",
  "discovery_icmp": "",
  "host_config_check": "",
  "background_port_scan": "",
  "background_port_scan_rate": "",
  "fingerprint_scan": "",
  "fingerprint_scan_legacy": "",
  "app_scan": "",
  "app_scan_limited": "",
  "app_scan_extensive": "",
  "udp_scan": "",
  "tcp_scan": "",
  "udp_scan_ports_exclude": "",
  "udp_scan_ports_include": [],
  "udp_scan_ports_only": "",
  "tcp_scan_ports_only": "",
  "tcp_scan_ports_include": [
    "5"
  ],
  "tcp_scan_ports_exclude": "",
  "vuln_scan": "",
  "vuln_scan_adjusted": "",
  "vuln_scan_adjusted_type": "",
  "vuln_scan_adjusted_vulns": [],
  "app_scan_adjusted": "",
  "app_scan_adjusted_type": "",
  "app_scan_adjusted_apps": [],
  "webapp_scan": "",
  "webapp_recursion_limit": "",
  "webapp_page_limit": "",
  "credentials_webhttp": "",
  "credentials_webform": "",
  "credentials_ssh": "",
  "credentials_smb": "",
  "credentials_snmp": "",
  "rules_auth_attempt": "",
  "rules_custom": "",
  "rules_intrusive": "",
  "rules_verified": "",
  "scap_scan": "",
  "scap_scan_policies": [],
  "rate_limit": "",
  "traversal_random": "",
  "schedule": "",
  "agent_only": ""
}

operation: Get Scan Profiles

Input parameters

Parameter Description
Search Text (Optional) Text based on which you want to filter scan profiles from Tripwire IP360.
If you do not specify any search content, then all available scan profiles are retrieved from Tripwire IP360.

Output

The output contains the following populated JSON schema:

{
  "previous": "",
  "results": [
    {
      "url": "",
      "window_enabled": "",
      "window_start": "",
      "timezone": "",
      "days": "",
      "window_end": "",
      "weekdays": "",
      "frequency_period": "",
      "frequency_max": "",
      "weeks": "",
      "name": ""
    }
  ],
  "next": "",
  "count": ""
}

operation: Update Scan Profile

Input parameters

Parameter Description
Profile Name Name of the scan profile that you want to update on the Tripwire IP360 server.
Name New name of the existing scan profile that you want to update on the Tripwire IP360 server.
Status Select the Statuscheckbox, i.e., set it to True, if you want set the status of the scan profile to active. Otherwise, it remains Inactive.
By default, it is checked, i.e., it is set as True.
Agent Only Scan Select the Agent Only Scan checkbox, i.e., set it to True, if you want the scan profile to include all assets with agents installed regardless of network.
By default, it is not checked, i.e., it is set as False.
Credentials Credential type for the scan profile that you want to update on the Tripwire IP360 server. You can choose from the following options: Windows, SSH, SNMP, HTTP, or Web Form.
Application Scan Select the Application Scan checkbox, i.e., set it to True, if you want the scan profile to include an application scan.
By default, it is checked, i.e., it is set as True.
Vulnerability Scan Select the Vulnerability Scan checkbox, i.e., set it to True, if you want the scan profile to include a vulnerability scan.
By default, it is checked, i.e., it is set as True.
Web Application Scan Select the Web Application Scan checkbox, i.e., set it to True, if you want the scan profile to include a web application scan.
By default, it is checked, i.e., it is set as True.
Webapp Recursion Limit (Optional) Webapp recursion limit to be set for the scan profile that you want to update on the Tripwire IP360 server.
Webapp Page Limit (Optional) Webapp page limit to be set for the scan profile that you want to update on the Tripwire IP360 server.
Discovery Scans Scan type to be used for the scan profile that you want to update on the Tripwire IP360 server. You can choose from the following options: OS Fingerprinting, Legacy OS Fingerprinting, Ping Scan, TCP Port Scan, or UDP Port Scan.
Discovery TCP Ports (Optional) TCP port list to be set for the scan profile that you want to update on the Tripwire IP360 server.
Discovery UDP Ports (Optional) UDP port list to be set for the scan profile that you want to update on the Tripwire IP360 server.
TCP Scan Ports Only (Optional) Restrict scanning of TCP ports to only the list specified in this field for the scan profile that you want to update on the Tripwire IP360 server.
TCP Scan Ports Include (Optional) List of TCP scan ports to be included in the scan profile that you want to update on the Tripwire IP360 server.
TCP Scan Ports Exclude (Optional) List of TCP scan ports to be excluded from the scan profile that you want to update on the Tripwire IP360 server.
UDP Scan Ports Include (Optional) List of UDP scan ports to be included in the scan profile that you want to update on the Tripwire IP360 server.
UDP Scan Ports Exclude (Optional) List of UDP scan ports to be excluded from the scan profile that you want to update on the Tripwire IP360 server.
Background Port Detection Select the Background Port Detection checkbox, i.e., set it to True, if you want the scan profile to include running of additional full port detection scans in the background to detect open ports not included in current scans. Discovered ports will automatically be used in future scans.
By default, it is not checked, i.e., it is set as False.
Background Port Rate Limit (Optional) Only applicable if you have selected the Background Port Detection option. Ports per second to be checked during full port detection scans in the background.
Scap Scan Select the Scap Scan checkbox, i.e., set it to True, if you want the scan profile to include a scap scan.
By default, it is not checked, i.e., it is set as False.
Scap Scan Policies (Optional) Only applicable if you have selected the >Scap Scan option. List of scap scan policies to be included in the scap scan.
Fast Application Scan Select the Fast Application Scan checkbox, i.e., set it to True, if you want to scan only the applications associated with the selected vulnerabilities.
By default, it is not checked, i.e., it is set as False.
IP Traversal (Optional) Type of IP Traversal to be included in the scan profile that you want to update on the Tripwire IP360 server. You can choose between Random or Sequential.
Host Configuration Check Select the Host Configuration Check checkbox, i.e., set it to True, if you want to include a host configuration check in the scan profile that you want to update on the Tripwire IP360 server.
By default, it is checked, i.e., it is set as True.
Extensive Application Scan Select the Extensive Application Scan checkbox, i.e., set it to True, if you want to include an extensive application scan in the scan profile that you want to update on the Tripwire IP360 server.
By default, it is not checked, i.e., it is set as False.
Rules Verified (Optional) All predefined rules, including customer-created rules will be flagged in the scan profile according to the option you select for this field. You can choose from the following options: Use, Require, or Exclude.
Rules Intrusive (Optional) Rules are run against lab systems will be included in the scan profile based on the option you select for this field. You can choose from the following options: Use, Require, or Exclude.
Custom Rules (Optional) Rules that are created by user will be included in the scan profile based on the option you select for this field. You can choose from the following options: Use, Require, or Exclude.
Rate Limit (Optional) Rate limit for scanning to be included in the scan profile.
Vulnerability Scan Adjusted Select the Vulnerability Scan Adjusted checkbox, i.e., set it to True, if you want to scan only for applications associated with the selected vulnerabilities in the scan profile that you want to update on the Tripwire IP360 server.
By default, it is checked, i.e., it is set as True.
Vulnerability Scan Adjusted Type (Optional) Applicable only if you have selected the Vulnerability Scan Adjusted checkbox. Set the type as excludedor only.
Vulnerability Scan Adjusted Vulns (Optional) Applicable only if you have selected the Vulnerability Scan Adjusted checkbox. Specify the list of vulnerabilities to check.

Output

The output contains the following populated JSON schema:

{
  "credentials_webform": "",
  "webapp_page_limit": "",
  "rules_custom": "",
  "app_scan_limited": "",
  "active": "",
  "traversal_random": "",
  "udp_scan": "",
  "app_scan_adjusted": "",
  "credentials_snmp": "",
  "discovery_tcp": "",
  "app_scan": "",
  "vuln_scan_adjusted_vulns": [],
  "discovery_icmp": "",
  "tcp_scan_ports_include": [],
  "app_scan_adjusted_apps": [],
  "discovery_tcp_ports": [],
  "system": "",
  "fingerprint_scan_legacy": "",
  "app_scan_extensive": "",
  "vuln_scan": "",
  "discovery_udp": "",
  "rules_verified": "",
  "udp_scan_ports_include": "",
  "agent_only": "",
  "credentials_smb": "",
  "schedule": "",
  "credentials_ssh": "",
  "udp_scan_ports_exclude": "",
  "rate_limit": "",
  "host_config_check": "",
  "tcp_scan": "",
  "tcp_scan_ports_exclude": "",
  "background_port_scan_rate": "",
  "credentials_webhttp": "",
  "rules_intrusive": "",
  "vuln_scan_adjusted_type": "",
  "scap_scan_policies": [],
  "rules_auth_attempt": "",
  "vuln_scan_adjusted": "",
  "url": "",
  "udp_scan_ports_only": [],
  "app_scan_adjusted_type": "",
  "scap_scan": "",
  "tcp_scan_ports_only": "",
  "webapp_recursion_limit": "",
  "name": "",
  "discovery_udp_ports": [],
  "webapp_scan": "",
  "fingerprint_scan": "",
  "background_port_scan": ""
}

operation: Delete Scan Profile

Input parameters

Parameter Description
Profile Name Name of the scan profile that you want to delete from Tripwire IP360.

Output

The output contains a string message containing the result of the operation, such as Successfully deleted scan profile if the scan profile is deleted successfully from Tripwire IP360.

operation: Create Network

Input parameters

Parameter Description
Name Name of the new network that you want to add to Tripwire IP360.
Owner (Optional) Owner of the new network that you want to add to Tripwire IP360.
Status Select the Statuscheckbox, i.e., set it to True, if you want set the status of the network to active. Otherwise, it remains Inactive.
By default, it is not checked, i.e., it is set as False.
Include IPs List of IP addresses such as hostnames, IPv4, IPv6, CIDR, or a range that you want to include in the network that you want to add to Tripwire IP360.
Exclude IPs List of IP addresses such as hostnames, IPv4, IPv6, CIDR, or a range that you want to exclude from the network that you want to add to Tripwire IP360.
Asset Value (Optional) Asset Value of the new network that you want to add to Tripwire IP360.

Output

The output contains the following populated JSON schema:

{
  "active": "",
  "system": "",
  "url": "",
  "name": "",
  "owner": "",
  "notes": "",
  "scap_agent_persist": "",
  "favor_netbios_name": "",
  "asset_value": "",
  "include_ips": "",
  "exclude_ips": "",
  "effective_ranges": "",
  "host_tracking": {
    "correlation_threshold": "",
    "correlation_method": "",
    "correlation_values": {
      "DNS Name": "",
      "OS Fingerprint": "",
      "NetBIOS Name": "",
      "Port Signature": "",
      "IP Address": "",
      "Apparent MAC Address": "",
      "Operating System": ""
    }
  },
  "virtual_hosts": []
}

operation: Get Networks

Input parameters

None.

Output

The output contains the following populated JSON schema:

{
  "next": "",
  "results": [
    {
      "scap_agent_persist": "",
      "owner": "",
      "asset_value": "",
      "virtual_hosts": [],
      "favor_netbios_name": "",
      "url": "",
      "active": "",
      "system": "",
      "include_ips": "",
      "notes": "",
      "effective_ranges": "",
      "host_tracking": {
        "correlation_threshold": "",
        "correlation_values": {
          "Port Signature": "",
          "Operating System": "",
          "DNS Name": "",
          "NetBIOS Name": "",
          "IP Address": "",
          "OS Fingerprint": "",
          "Apparent MAC Address": ""
        },
        "correlation_method": ""
      },
      "exclude_ips": "",
      "name": ""
    }
  ],
  "previous": "",
  "count": ""
}

operation: Update Network

Input parameters

Parameter Description
Name Name of an existing network that you want to update on Tripwire IP360.
Name (Optional) New name of the existing scan profile that you want to update on the Tripwire IP360 server.
Owner (Optional) Owner of the new network that you want to update on Tripwire IP360.
Status Select the Statuscheckbox, i.e., set it to True, if you want set the status of the network to active. Otherwise, it remains Inactive.
By default, it is not checked, i.e., it is set as False.
Include IPs (Optional) List of IP addresses such as hostnames, IPv4, IPv6, CIDR, or a range that you want to include in the network that you want to update on Tripwire IP360.
Exclude IPs (Optional) List of IP addresses such as hostnames, IPv4, IPv6, CIDR, or a range that you want to exclude from the network that you want to update on Tripwire IP360.
Asset Value (Optional) Asset Value of the new network that you want to update on Tripwire IP360.

Output

The output contains the following populated JSON schema:

{
  "name": "",
  "url": "",
  "active": "",
  "owner": "",
  "notes": "",
  "scap_agent_persist": "",
  "favor_netbios_name": "",
  "asset_value": "",
  "include_ips": "",
  "exclude_ips": "",
  "effective_ranges": "",
  "host_tracking": {
    "correlation_threshold": "",
    "correlation_method": "",
    "correlation_values": {
      "DNS Name": "",
      "OS Fingerprint": "",
      "NetBIOS Name": "",
      "Port Signature": "",
      "IP Address": "",
      "Apparent MAC Address": "",
      "Operating System": ""
    }
  },
  "virtual_hosts": [],
  "system": ""
}

operation: Delete Network

Input parameters

Parameter Description
Name Name of the network that you want to delete from Tripwire IP360.

Output

The output contains a string message containing the result of the operation, such as Successfully deleted network if the network is deleted successfully from Tripwire IP360.

operation: Start Scan

Input parameters

Parameter Description
Scan Name Name of the scan that you want to start on Tripwire IP360.

Output

The output contains the following populated JSON schema:

{
  "url": "",
  "name": "",
  "network": "",
  "scan_profile": "",
  "pool": "",
  "range": "",
  "special_scan": "",
  "status": "",
  "scan_type": "",
  "rejected": "",
  "all_hosts_failed": "",
  "last_error": "",
  "agent_uuids": "",
  "start_date": "",
  "scan_profile_type": "",
  "credential_limit": "",
  "end_date": "",
  "debug": ""
}

operation: Cancel Scan

Input parameters

Parameter Description
Scan Name Name of the ongoing scan that you want to cancel on Tripwire IP360.

Output

The output contains the following populated JSON schema:

[
  {
    "ontology_version": "",
    "special_scan": "",
    "status": "",
    "rejected": "",
    "scan_type": "",
    "vuln_count": "",
    "name": "",
    "scan_profile": {
      "discovery_udp": "",
      "host_config_check": "",
      "scap_scan_policies": [],
      "credentials_webhttp": "",
      "webapp_scan": "",
      "discovery_icmp": "",
      "discovery_tcp_ports": [],
      "rate_limit": "",
      "discovery_tcp": "",
      "app_scan_adjusted_type": "",
      "app_scan": "",
      "credentials_smb": "",
      "rules_intrusive": "",
      "system": "",
      "tcp_scan_ports_include": [],
      "tcp_scan": "",
      "webapp_recursion_limit": "",
      "app_scan_limited": "",
      "udp_scan_ports_only": "",
      "fingerprint_scan": "",
      "vuln_scan_adjusted_vulns": [],
      "credentials_webform": "",
      "app_scan_adjusted_apps": [],
      "schedule": "",
      "rules_custom": "all",
      "credentials_ssh": "",
      "background_port_scan": "",
      "tcp_scan_ports_exclude": "",
      "app_scan_adjusted": "",
      "rules_verified": "only",
      "fingerprint_scan_legacy": "",
      "vuln_scan_adjusted": "",
      "discovery_udp_ports": "",
      "tcp_scan_ports_only": "",
      "active": "",
      "background_port_scan_rate": "",
      "udp_scan": "",
      "app_scan_extensive": "",
      "name": "",
      "traversal_random": "",
      "vuln_scan": "",
      "vuln_scan_adjusted_type": "",
      "credentials_snmp": "",
      "scap_scan": "",
      "rules_auth_attempt": "",
      "webapp_page_limit": "",
      "udp_scan_ports_include": [],
      "url": "",
      "udp_scan_ports_exclude": "",
      "agent_only": ""
    },
    "debug": "",
    "all_hosts_failed": "",
    "range": "",
    "agent_uuids": "",
    "elapsed_seconds": "",
    "average_host_score": "",
    "start_date": "",
    "last_error": "",
    "host_count": "",
    "credential_limit": "",
    "url": "",
    "end_date": "",
    "network": {
      "include_ips": "",
      "virtual_hosts": [],
      "scap_agent_persist": "",
      "exclude_ips": "",
      "url": "",
      "asset_value": "",
      "notes": "",
      "favor_netbios_name": "",
      "owner": "",
      "effective_ranges": "",
      "active": "",
      "name": "",
      "system": "",
      "host_tracking": {
        "correlation_threshold": "",
        "correlation_values": {
          "Port Signature": "",
          "OS Fingerprint": "",
          "Operating System": "",
          "NetBIOS Name": "",
          "IP Address": "",
          "DNS Name": "",
          "Apparent MAC Address": ""
        },
        "correlation_method": ""
      }
    },
    "pool": {
      "notes": "",
      "appliances": [
        {
          "aap_uuid": "",
          "hardware_type": "",
          "error": "",
          "is_up": "",
          "cloud": "",
          "authentication_key": "",
          "aap_timestamp": "",
          "aspl_version": "",
          "hard_connection_limit": "",
          "name": "",
          "last_reboot": "",
          "reboot_pending": "",
          "dns_servers": [],
          "aap_agent_count": "",
          "interfaces": [
            {
              "ip_address": "",
              "name": ""
            }
          ],
          "soft_connection_limit": "",
          "aap_is_up": "",
          "ip_address": "",
          "last_update_seconds": "",
          "software_version": "",
          "last_update": "",
          "url": "",
          "default_soft_connection_limit": "",
          "is_local": ""
        }
      ],
      "generated": "",
      "url": "",
      "name": "",
      "allow_agent_processing": ""
    }
  }
]

operation: Pause Scan

Input parameters

Parameter Description
Scan Name Name of the ongoing scan that you want to pause on Tripwire IP360.

Output

The output contains the following populated JSON schema:

[
  {
    "ontology_version": "",
    "special_scan": "",
    "status": "",
    "rejected": "",
    "scan_type": "",
    "vuln_count": "",
    "name": "",
    "scan_profile": {
      "discovery_udp": "",
      "host_config_check": "",
      "scap_scan_policies": [],
      "credentials_webhttp": "",
      "webapp_scan": "",
      "discovery_icmp": "",
      "discovery_tcp_ports": [],
      "rate_limit": "",
      "discovery_tcp": "",
      "app_scan_adjusted_type": "",
      "app_scan": "",
      "credentials_smb": "",
      "rules_intrusive": "",
      "system": "",
      "tcp_scan_ports_include": [],
      "tcp_scan": "",
      "webapp_recursion_limit": "",
      "app_scan_limited": "",
      "udp_scan_ports_only": "",
      "fingerprint_scan": "",
      "vuln_scan_adjusted_vulns": [],
      "credentials_webform": "",
      "app_scan_adjusted_apps": [],
      "schedule": "",
      "rules_custom": "",
      "credentials_ssh": "",
      "background_port_scan": "",
      "tcp_scan_ports_exclude": "",
      "app_scan_adjusted": "",
      "rules_verified": "",
      "fingerprint_scan_legacy": "",
      "vuln_scan_adjusted": "",
      "discovery_udp_ports": "",
      "tcp_scan_ports_only": "",
      "active": "",
      "background_port_scan_rate": "",
      "udp_scan": "",
      "app_scan_extensive": "",
      "name": "",
      "traversal_random": "",
      "vuln_scan": "",
      "vuln_scan_adjusted_type": "",
      "credentials_snmp": "",
      "scap_scan": "",
      "rules_auth_attempt": "",
      "webapp_page_limit": "",
      "udp_scan_ports_include": [],
      "url": "",
      "udp_scan_ports_exclude": "",
      "agent_only": ""
    },
    "debug": "",
    "all_hosts_failed": "",
    "range": "",
    "agent_uuids": "",
    "elapsed_seconds": "",
    "average_host_score": "",
    "start_date": "",
    "last_error": "",
    "host_count": "",
    "credential_limit": "",
    "url": "",
    "end_date": "",
    "network": {
      "include_ips": "",
      "virtual_hosts": [],
      "scap_agent_persist": "",
      "exclude_ips": "",
      "url": "",
      "asset_value": "",
      "notes": "",
      "favor_netbios_name": "",
      "owner": "",
      "effective_ranges": "",
      "active": "",
      "name": "",
      "system": "",
      "host_tracking": {
        "correlation_threshold": "",
        "correlation_values": {
          "Port Signature": "",
          "OS Fingerprint": "",
          "Operating System": "",
          "NetBIOS Name": "",
          "IP Address": "",
          "DNS Name": "",
          "Apparent MAC Address": ""
        },
        "correlation_method": ""
      }
    },
    "pool": {
      "notes": "",
      "appliances": [
        {
          "aap_uuid": "",
          "hardware_type": "",
          "error": "",
          "is_up": "",
          "cloud": "",
          "authentication_key": "",
          "aap_timestamp": "",
          "aspl_version": "",
          "hard_connection_limit": "",
          "name": "",
          "last_reboot": "",
          "reboot_pending": "",
          "dns_servers": [],
          "aap_agent_count": "",
          "interfaces": [
            {
              "ip_address": "",
              "name": ""
            }
          ],
          "soft_connection_limit": "",
          "aap_is_up": "",
          "ip_address": "",
          "last_update_seconds": "",
          "software_version": "",
          "last_update": "",
          "url": "",
          "default_soft_connection_limit": "",
          "is_local": ""
        }
      ],
      "generated": "",
      "url": "",
      "name": "",
      "allow_agent_processing": ""
    }
  }
]

operation: Resume Scan

Input parameters

Parameter Description
Scan Name Name of the paused scan that you want to resume on Tripwire IP360.

Output

The output contains the following populated JSON schema:

[
  {
    "ontology_version": "",
    "special_scan": "",
    "status": "",
    "rejected": "",
    "scan_type": "",
    "vuln_count": "",
    "name": "",
    "scan_profile": {
      "discovery_udp": "",
      "host_config_check": "",
      "scap_scan_policies": [],
      "credentials_webhttp": "",
      "webapp_scan": "",
      "discovery_icmp": "",
      "discovery_tcp_ports": [],
      "rate_limit": "",
      "discovery_tcp": "",
      "app_scan_adjusted_type": "",
      "app_scan": "",
      "credentials_smb": "",
      "rules_intrusive": "",
      "system": "",
      "tcp_scan_ports_include": [
        "5"
      ],
      "tcp_scan": "",
      "webapp_recursion_limit": "",
      "app_scan_limited": "",
      "udp_scan_ports_only": "",
      "fingerprint_scan": "",
      "vuln_scan_adjusted_vulns": [],
      "credentials_webform": "",
      "app_scan_adjusted_apps": [],
      "schedule": "",
      "rules_custom": "",
      "credentials_ssh": "",
      "background_port_scan": "",
      "tcp_scan_ports_exclude": "",
      "app_scan_adjusted": "",
      "rules_verified": "",
      "fingerprint_scan_legacy": "",
      "vuln_scan_adjusted": "",
      "discovery_udp_ports": "",
      "tcp_scan_ports_only": "",
      "active": "",
      "background_port_scan_rate": "",
      "udp_scan": "",
      "app_scan_extensive": "",
      "name": "",
      "traversal_random": "",
      "vuln_scan": "",
      "vuln_scan_adjusted_type": "",
      "credentials_snmp": "",
      "scap_scan": "",
      "rules_auth_attempt": "all",
      "webapp_page_limit": "",
      "udp_scan_ports_include": [],
      "url": "",
      "udp_scan_ports_exclude": "",
      "agent_only": ""
    },
    "debug": "",
    "all_hosts_failed": "",
    "range": "",
    "agent_uuids": "",
    "elapsed_seconds": "",
    "average_host_score": "",
    "start_date": "",
    "last_error": "",
    "host_count": "",
    "credential_limit": "",
    "url": "",
    "end_date": "",
    "network": {
      "include_ips": "",
      "virtual_hosts": [],
      "scap_agent_persist": "",
      "exclude_ips": "",
      "url": "",
      "asset_value": "",
      "notes": "",
      "favor_netbios_name": "",
      "owner": "",
      "effective_ranges": "",
      "active": "",
      "name": "",
      "system": "",
      "host_tracking": {
        "correlation_threshold": "",
        "correlation_values": {
          "Port Signature": "",
          "OS Fingerprint": "",
          "Operating System": "",
          "NetBIOS Name": "",
          "IP Address": "",
          "DNS Name": "",
          "Apparent MAC Address": ""
        },
        "correlation_method": ""
      }
    },
    "pool": {
      "notes": "",
      "appliances": [
        {
          "aap_uuid": "",
          "hardware_type": "",
          "error": "",
          "is_up": "",
          "cloud": "",
          "authentication_key": "",
          "aap_timestamp": "",
          "aspl_version": "",
          "hard_connection_limit": "",
          "name": "",
          "last_reboot": "",
          "reboot_pending": "",
          "dns_servers": [],
          "aap_agent_count": "",
          "interfaces": [
            {
              "ip_address": "",
              "name": ""
            }
          ],
          "soft_connection_limit": "",
          "aap_is_up": "",
          "ip_address": "",
          "last_update_seconds": "",
          "software_version": "",
          "last_update": "",
          "url": "",
          "default_soft_connection_limit": "",
          "is_local": ""
        }
      ],
      "generated": "",
      "url": "",
      "name": "",
      "allow_agent_processing": ""
    }
  }
]

operation: Get Vulnerabilities

Input parameters

Parameter Description
Search Text (Optional) Text based on which you want to filter vulnerabilities from Tripwire IP360.
If you do not specify any search content, then all available vulnerabilities are retrieved from Tripwire IP360.
Limit (Optional) Maximum number of results that this operation should return.
Offset (Optional) Index of the first item that this operation should return.

Output

The output contains the following populated JSON schema:

{
  "count": "",
  "results": [
    {
      "strategy": {
        "url": "",
        "description": "",
        "name": ""
      },
      "priority": "",
      "name": "",
      "risk": {
        "level": "",
        "url": "",
        "description": "",
        "name": ""
      },
      "solution": {
        "url": "",
        "description": "",
        "name": ""
      },
      "url": "",
      "description": "",
      "cvssv2": "",
      "cvssv3": "",
      "cves": [],
      "skill": {
        "level": "",
        "url": "",
        "description": "",
        "name": ""
      },
      "advisories": [
        {
          "website": "",
          "link": "",
          "name": ""
        }
      ]
    }
  ],
  "next": "",
  "previous": ""
}

operation: Run Agent

Input parameters

Parameter Description
Name System name of the axon agent that you want to run for system data collection on Tripwire IP360.

Output

The output contains the following populated JSON schema:

[
  {
    "url": "",
    "axon_agent": "",
    "command": "",
    "command_args": "",
    "issued_date": "",
    "status": "",
    "started_date": "",
    "completed_date": "",
    "error_str": ""
  }
]

operation: Get Agents

Input parameters

Parameter Description
Search Text (Optional) Text based on which you want to filter axon agents from Tripwire IP360.
If you do not specify any search content, then all available axon agents are retrieved from Tripwire IP360.
Limit (Optional) Maximum number of results that this operation should return.
Offset (Optional) Index of the first item that this operation should return.

Output

The output contains the following populated JSON schema:

{
  "count": "",
  "next": "",
  "previous": "",
  "results": [
    {
      "url": "",
      "ip_address": "",
      "name": "",
      "dns_name": "",
      "netbios_name": "",
      "os_name": "",
      "os_version": "",
      "architecture": "",
      "agent_uuid": "",
      "aap_uuid": "",
      "agent_version": "",
      "plugin_version": "",
      "last_seen": "",
      "last_scan": "",
      "is_up": "",
      "latest_tasks": {
        "scan_now": {
          "url": "",
          "axon_agent": "",
          "command": "",
          "command_args": "",
          "issued_date": "",
          "status": "",
          "started_date": "",
          "completed_date": "",
          "error_str": ""
        }
      },
      "support_bundle": "",
      "first_seen": "",
      "last_audit": "",
      "score": "",
      "asset": "",
      "deleted_datetime": ""
    }
  ]
}

operation: Get Assets

Input parameters

Parameter Description
Search Text (Optional) Text based on which you want to filter assets from Tripwire IP360.
If you do not specify any search content, then all available assets are retrieved from Tripwire IP360.
Limit (Optional) Maximum number of results that this operation should return.
Offset (Optional) Index of the first item that this operation should return.

Output

The output contains the following populated JSON schema:

{
  "count": "",
  "next": "",
  "previous": "",
  "results": [
    {
      "url": "",
      "ip_address": "",
      "dns_name": "",
      "netbios_name": "",
      "last_seen": "",
      "first_seen": "",
      "score": "",
      "domain_name": "",
      "operating_system": "",
      "network": {
        "url": "",
        "name": "",
        "active": "",
        "owner": "",
        "notes": "",
        "scap_agent_persist": "",
        "favor_netbios_name": "",
        "asset_value": "",
        "include_ips": "",
        "exclude_ips": "",
        "effective_ranges": "",
        "host_tracking": {
          "correlation_threshold": "",
          "correlation_method": "",
          "correlation_values": {
            "DNS Name": "",
            "OS Fingerprint": "",
            "NetBIOS Name": "",
            "Port Signature": "",
            "IP Address": "",
            "Apparent MAC Address": "",
            "Operating System": ""
          }
        },
        "virtual_hosts": [],
        "system": ""
      },
      "mac_address": "",
      "asset_value": "",
      "notes": "",
      "owner": "",
      "in_tripwire_enterprise": ""
    }
  ]
}

operation: Get Audits

Input parameters

Parameter Description
Search Text (Optional) Text based on which you want to filter audits (all scan activity details) from Tripwire IP360.
If you do not specify any search content, then all available audits are retrieved from Tripwire IP360.
Limit (Optional) Maximum number of results that this operation should return.
Offset (Optional) Index of the first item that this operation should return.

Output

The output contains the following populated JSON schema:

{
  "count": "",
  "next": "",
  "previous": "",
  "results": [
    {
      "url": "",
      "network": {
        "url": "",
        "name": "",
        "active": "",
        "system": ""
      },
      "host_count": "",
      "vuln_count": "",
      "average_host_score": "",
      "start_date": "",
      "end_date": "",
      "elapsed_seconds": "",
      "progress": "",
      "ontology_version": "",
      "scan_profile": {
        "url": "",
        "name": "",
        "active": "",
        "system": "",
        "agent_only": ""
      },
      "pool": {
        "url": "",
        "name": "",
        "generated": "",
        "notes": "",
        "is_up": "",
        "allow_agent_processing": ""
      },
      "status": "",
      "scan_type": "",
      "debug": "",
      "special_scan": "",
      "credential_limit": "",
      "range": "",
      "rejected": "",
      "last_error": "",
      "all_hosts_failed": "",
      "name": "",
      "agent_uuids": ""
    }
  ]
}

Included playbooks

The Sample - Tripwire IP360 - 1.0.0 playbook collection comes bundled with the Tripwire IP360 connector. This playbook contains steps using which you can perform all supported actions. You can see the bundled playbooks in the Automation > Playbooks section in FortiSOAR™ after importing the Tripwire IP360 connector.

  • Agent: Run Agent
  • Agent: Get Agents
  • Configuration: Configure New Scan
  • Configuration: Get Scan Configurations
  • Configuration: Update Scan Configuration
  • Configuration: Delete Scan Configuration
  • Get Assets
  • Get Audits
  • Get Vulnerabilities
  • Profile: Create Scan Profile
  • Profile: Get Scan Profiles
  • Profile: Update Scan Profile
  • Profile: Delete Scan Profile
  • Network: Create Network
  • Network: Get Networks
  • Network: Update Network
  • Network: Delete Network
  • Scan: Start Scan
  • Scan: Cancel Scan
  • Scan: Pause Scan
  • Scan: Resume Scan

Note: If you are planning to use any of the sample playbooks in your environment, ensure that you clone those playbooks and move them to a different collection since the sample playbook collection gets deleted during connector upgrade and delete.

Previous
Next

About the connector

Tripwire IP360 Connector provides an enterprise-class vulnerability management solution, whose vulnerability prioritization is more precise than basic scoring. It ranks vulnerabilities with a numeric score based on impact, ease of exploit, and age. Its unique fingerprinting technology limits scans to relevant device and application types.

This document provides information about the Tripwire IP360 connector, which facilitates automated interactions with a Tripwire IP360 server using FortiSOAR™ playbooks. Add the Tripwire IP360 connector as a step in FortiSOAR™ playbooks and perform automated operations, such as adding a new scan configuration for scanning on Tripwire IP360, retrieving available scan configurations from Tripwire IP360, and creating a new scan profile on Tripwire IP360.

Version information

Connector Version: 1.0.0

FortiSOAR™ Versions Tested on: 4.11.0-1161

Authored By: Fortinet

Certified: Yes

Installing the connector

All connectors provided by FortiSOAR™ are delivered using a FortiSOAR™ repository. Therefore, you must set up your FortiSOAR™ repository and use the yum command to install connectors:

yum install cyops-connector-tripwire-ip360

For the detailed procedure to install a connector, click here.

Prerequisites to configuring the connector

Configuring the connector

For the procedure to configure a connector, click here.

Configuration parameters

In FortiSOAR™, on the Connectors page, click the Tripwire IP360 connector row, and in the Configuration tab enter the required configuration details.

Parameter Description
Server URL URL of the Tripwire IP360 server to which you will connect and perform the automated operations.
Username Username configured for your account to access the Tripwire IP360 server to which you will connect and perform the automated operations
Password Password configured for your account to access the Tripwire IP360 server to which you will connect and perform the automated operations.
Verify SSL Specifies whether the SSL certificate for the server is to be verified or not.
By default, this option is set as True.

Actions supported by the connector

The following automated operations can be included in playbooks, and you can also use the annotations to access operations from FortiSOAR™ release 4.10.0 onwards:

Function Description Annotation and Category
Configure New Scan Adds a new scan configuration for scanning on Tripwire IP360. add_new_scan
Investigation
Get Scan Configurations Retrieves all scan configurations or a specific scan configuration, based on the search text you have specified, from Tripwire IP360. get_scans
Investigation
Update Scan Configuration Updates an existing scan configuration, based on the scan name and other input parameters you have specified, on Tripwire IP360. update_scan_config
Investigation
Delete Scan Configuration Deletes a scan configuration, based on the scan name you have specified, from Tripwire IP360. delete_scans
Investigation
Create Scan Profile Creates a new scan profile for scanning on Tripwire IP360. create_scan_profile
Investigation
Get Scan Profiles Retrieves all scan profiles or a specific scan profile, based on the search text you have specified, from Tripwire IP360. get_scan_profiles
Investigation
Update Scan Profile Updates an existing scan profile, based on the scan name and other input parameters you have specified, on Tripwire IP360. update_scan_profile
Investigation
Delete Scan Profile Deletes a scan profile, based on the profile name you have specified, from Tripwire IP360. delete_scan_profiles
Investigation
Create Network Creates a new network on Tripwire IP360. create_network
Investigation
Get Networks Retrieves information for all networks from Tripwire IP360. get_networks
Investigation
Update Network Updates an existing network based on the network name and other input parameters you have specified, on Tripwire IP360. update_network
Investigation
Delete Network Deletes a network, based on the network name you have specified, from Tripwire IP360. delete_network
Investigation
Start Scan Starts a scan on Tripwire IP360. start_scan
Investigation
Cancel Scan Cancels an ongoing scan on Tripwire IP360. cancel_scan
Investigation
Pause Scan Pauses an ongoing scan on Tripwire IP360. pause_scan
Investigation
Resume Scan Resumes a paused scan on Tripwire IP360. resume_scan
Investigation
Get Vulnerabilities Retrieves all vulnerabilities or a specific vulnerability based on the search text and other input parameters you have specified, from Tripwire IP360. get_vulnerabilities
Investigation
Run Agent Runs an axon agent for system data collection on Tripwire IP360. run_agent
Investigation
Get Agents Retrieves information for all axon agents or a specific axon agent, based on the search text and other input parameters you have specified, from Tripwire IP360. get_agent
Investigation
Get Assets Retrieves information for all assets or a specific asset based on the search text and other input parameters you have specified, from Tripwire IP360. get_assets
Investigation
Get Audits Retrieves information for all audits (scan activity details) or a specific audit based on the search text and other input parameters you have specified, from Tripwire IP360. get_audits
Investigation

operation: Configure New Scan

Input parameters

Parameter Description
Name Name of the scan that you want to create on the Tripwire IP360 server.
Status Select the Statuscheckbox, i.e., set it to True, if you want set the status of the scan to active. Otherwise, it remains Inactive.
By default, it is checked, i.e., it is set as True.
Scan Profile Scan profile used for scanning that will apply to the new scan that you want to create on the Tripwire IP360 server.
You can select the profile from the available profiles such as, Tripwire: Standard Profile, Tripwire: Host Inventory, Tripwire: Agent-only, which are listed in the Scan Profile drop-down list.
Network Network used for scanning that will apply to the new scan that you want to create on the Tripwire IP360 server.
You can select the network from the available networks, which are listed in the Network drop-down list.
Appliance Pool Appliance Pool used for scanning that will apply to the new scan that you want to create on the Tripwire IP360 server.
You can select the appliance pool from the available appliance pools, which are listed in the Appliance Pool drop-down list.
On Demand Select the On Demandcheckbox, i.e., set it to True, if you want set the scan type as On Demand.
By default, it is checked, i.e., it is set as True.
If True is selected from the On Demand drop-down box, then the Schedule Start drop-down box is displayed and if you select True from the Schedule Start drop-down box, i.e., if you want to create the new scan as a scheduled scan then you must specify the following parameters:
  • Scan Start DateTime: Datetime for the scan to start in the mm/dd/yyyy, hh:mm ss format.
  • Scan End DateTime: Datetime for the scan to start in the mm/dd/yyyy, hh:mm ss format.
  • Restrict IP Space: Restricts the scan to only the IP addresses, CIDRs, or ranges that you have specified and which are delimited by commas or spaces.
  • Debug Scan: Select the On Demand checkbox, i.e., set it to True, to enable debugging for the scan.
    By default, it is checked, i.e., it is set as True.

Output

The output contains the following populated JSON schema:

{
  "name": "",
  "url": "",
  "schedule_failed": "",
  "is_debug": "",
  "scan_end_datetime": "",
  "pool": "",
  "fault_string": "",
  "scan_profile": "",
  "scan_start_datetime": "",
  "range": "",
  "network": "",
  "rejected": "",
  "audit": ""
}

operation: Get Scan Configurations

Input parameters

Parameter Description
Search Text (Optional) Text based on which you want to filter scan configurations from Tripwire IP360.
If you do not specify any search content, then all available scan configurations are retrieved from Tripwire IP360.

Output

The output contains the following populated JSON schema:

{
  "count": "",
  "next": "",
  "previous": "",
  "results": [
    {
      "url": "",
      "name": "",
      "active": "",
      "status": "",
      "on_demand": "",
      "network": {
        "url": "",
        "name": "",
        "active": "",
        "owner": "",
        "notes": "",
        "scap_agent_persist": "",
        "favor_netbios_name": "",
        "asset_value": "",
        "include_ips": "",
        "exclude_ips": "",
        "effective_ranges": "",
        "host_tracking": {
          "correlation_threshold": "",
          "correlation_method": "",
          "correlation_values": {
            "DNS Name": "",
            "OS Fingerprint": "",
            "NetBIOS Name": "",
            "Port Signature": "",
            "IP Address": "",
            "Apparent MAC Address": "",
            "Operating System": ""
          }
        },
        "virtual_hosts": [],
        "system": ""
      },
      "scan_profile": {
        "url": "",
        "name": "",
        "active": "",
        "system": "",
        "discovery_tcp_ports": [],
        "discovery_tcp": "",
        "discovery_udp": "",
        "discovery_udp_ports": "",
        "discovery_icmp": "",
        "host_config_check": "",
        "background_port_scan": "",
        "background_port_scan_rate": "",
        "fingerprint_scan": "",
        "fingerprint_scan_legacy": "",
        "app_scan": "",
        "app_scan_limited": "",
        "app_scan_extensive": "",
        "udp_scan": "",
        "tcp_scan": "",
        "udp_scan_ports_exclude": "",
        "udp_scan_ports_include": [],
        "udp_scan_ports_only": "",
        "tcp_scan_ports_only": "",
        "tcp_scan_ports_include": [],
        "tcp_scan_ports_exclude": "",
        "vuln_scan": "",
        "vuln_scan_adjusted": "",
        "vuln_scan_adjusted_type": "",
        "vuln_scan_adjusted_vulns": [],
        "app_scan_adjusted": "",
        "app_scan_adjusted_type": "",
        "app_scan_adjusted_apps": [],
        "webapp_scan": "",
        "webapp_recursion_limit": "",
        "webapp_page_limit": "",
        "credentials_webhttp": "",
        "credentials_webform": "",
        "credentials_ssh": "",
        "credentials_smb": "",
        "credentials_snmp": "",
        "rules_auth_attempt": "",
        "rules_custom": "",
        "rules_intrusive": "",
        "rules_verified": "",
        "scap_scan": "",
        "scap_scan_policies": [],
        "rate_limit": "",
        "traversal_random": "",
        "schedule": "",
        "agent_only": ""
      },
      "pool": {
        "url": "",
        "name": "",
        "generated": "",
        "notes": "",
        "appliances": [
          {
            "url": "",
            "name": "",
            "ip_address": "",
            "authentication_key": "",
            "is_local": "",
            "software_version": "",
            "aap_uuid": "",
            "aspl_version": "",
            "cloud": "",
            "error": "",
            "reboot_pending": "",
            "last_reboot": "",
            "last_update": "",
            "last_update_seconds": "",
            "is_up": "",
            "default_soft_connection_limit": "",
            "soft_connection_limit": "",
            "hard_connection_limit": "",
            "hardware_type": "",
            "dns_servers": [],
            "interfaces": [
              {
                "name": "",
                "ip_address": ""
              }
            ],
            "aap_is_up": "",
            "aap_timestamp": "",
            "aap_agent_count": ""
          }
        ],
        "allow_agent_processing": ""
      },
      "last_completed_datetime": "",
      "next_scan_time": "",
      "next_scan_immediate": "",
      "fault_string": ""
    }
  ]
}

operation: Update Scan Configuration

Input parameters

Parameter Description
Scan Name Name of the scan that you want to update on the Tripwire IP360 server.
New Name New name of the existing scan that you want to update on the Tripwire IP360 server.
Status Select the Statuscheckbox, i.e., set it to True, if you want set the status of the scan to active. Otherwise, it remains Inactive.
By default, it is checked, i.e., it is set as True.
You can change the status of the specified existing scan.
Scan Profile Scan profile used for scanning that will apply to the existing specified scan that you want to update on the Tripwire IP360 server.
You can select the profile from the available profiles such as, Tripwire: Standard Profile, Tripwire: Host Inventory, Tripwire: Agent-only, which are listed in the Scan Profile drop-down list.
Network Network used for scanning that will apply to the existing specified scan that you want to update on the Tripwire IP360 server.
You can select the network from the available networks, which are listed in the Network drop-down list.
Appliance Pool Appliance Pool used for scanning that will apply to the existing specified scan that you want to update on the Tripwire IP360 server.
You can select the appliance pool from the available appliance pools, which are listed in the Appliance Pool drop-down list.
On Demand Select the On Demandcheckbox, i.e., set it to True, if you want set the scan type as On Demand.
By default, it is checked, i.e., it is set as True.
Schedule Start (Optional) You can change the scheduled start of the specified existing scheduled scan configuration.
If you select True from the Schedule Start drop-down box, i.e., if you want to update the existing specified scan as a scheduled scan then you must specify the following parameters:
  • Scan Start DateTime: Datetime for the scan to start in the mm/dd/yyyy, hh:mm ss format.
  • Scan End DateTime: Datetime for the scan to start in the mm/dd/yyyy, hh:mm ss format.
  • Restrict IP Space: Restricts the scan to only the IP addresses, CIDRs, or ranges that you have specified and which are delimited by commas or spaces.
  • Debug Scan: Select the On Demand checkbox, i.e., set it to True, to enable debugging for the scan. Otherwise, debugging for the scan is disabled.
    By default, it is checked, i.e., it is set as True.

Output

The output contains the following populated JSON schema:

{
  "url": "",
  "name": "",
  "active": "",
  "network": "",
  "scan_profile": "",
  "pool": "",
  "last_completed_datetime": "",
  "next_scan_immediate": "",
  "next_scan_time": "",
  "fault_string": ""
}

operation: Delete Scan Configuration

Input parameters

Parameter Description
Scan Name Name of the scan whose configuration you want to delete from Tripwire IP360.

Output

The output contains a string message containing the result of the operation, such as Successfully deleted scan configuration if the scan configuration is deleted successfully from Tripwire IP360.

operation: Create Scan Profile

Input parameters

Parameter Description
Name Name of the scan profile that you want to create on the Tripwire IP360 server.
Status Select the Statuscheckbox, i.e., set it to True, if you want set the status of the scan profile to active. Otherwise, it remains Inactive.
By default, it is checked, i.e., it is set as True.
Agent Only Scan Select the Agent Only Scan checkbox, i.e., set it to True, if you want the scan profile to include all assets with agents installed regardless of network.
By default, it is not checked, i.e., it is set as False.
Credentials Credential type for the scan profile that you want to create on the Tripwire IP360 server. You can choose from the following options: Windows, SSH, SNMP, HTTP, or Web Form.
Application Scan Select the Application Scan checkbox, i.e., set it to True, if you want the scan profile to include an application scan.
By default, it is checked, i.e., it is set as True.
Vulnerability Scan Select the Vulnerability Scan checkbox, i.e., set it to True, if you want the scan profile to include a vulnerability scan.
By default, it is checked, i.e., it is set as True.
Web Application Scan Select the Web Application Scan checkbox, i.e., set it to True, if you want the scan profile to include a web application scan.
By default, it is checked, i.e., it is set as True.
Webapp Recursion Limit (Optional) Webapp recursion limit to be set for the scan profile that you want to create on the Tripwire IP360 server.
Webapp Page Limit (Optional) Webapp page limit to be set for the scan profile that you want to create on the Tripwire IP360 server.
Discovery Scans Scan type to be used for the scan profile that you want to create on the Tripwire IP360 server. You can choose from the following options: OS Fingerprinting, Legacy OS Fingerprinting, Ping Scan, TCP Port Scan, or UDP Port Scan.
Discovery TCP Ports (Optional) TCP port list to be set for the scan profile that you want to create on the Tripwire IP360 server.
Discovery UDP Ports (Optional) UDP port list to be set for the scan profile that you want to create on the Tripwire IP360 server.
TCP Scan Ports Only (Optional) Restrict scanning of TCP ports to only the list specified in this field for the scan profile that you want to create on the Tripwire IP360 server.
TCP Scan Ports Include (Optional) List of TCP scan ports to be included in the scan profile that you want to create on the Tripwire IP360 server.
TCP Scan Ports Exclude (Optional) List of TCP scan ports to be excluded from the scan profile that you want to create on the Tripwire IP360 server.
UDP Scan Ports Include (Optional) List of UDP scan ports to be included in the scan profile that you want to create on the Tripwire IP360 server.
UDP Scan Ports Exclude (Optional) List of UDP scan ports to be excluded from the scan profile that you want to create on the Tripwire IP360 server.
Background Port Detection Select the Background Port Detection checkbox, i.e., set it to True, if you want the scan profile to include running of additional full port detection scans in the background to detect open ports not included in current scans. Discovered ports will automatically be used in future scans.
By default, it is not checked, i.e., it is set as False.
Background Port Rate Limit (Optional) Only applicable if you have selected the Background Port Detection option. Ports per second to be checked during full port detection scans in the background.
Scap Scan Select the Scap Scan checkbox, i.e., set it to True, if you want the scan profile to include a scap scan.
By default, it is not checked, i.e., it is set as False.
Scap Scan Policies (Optional) Only applicable if you have selected the >Scap Scan option. List of scap scan policies to be included in the scap scan.
Fast Application Scan Select the Fast Application Scan checkbox, i.e., set it to True, if you want to scan only the applications associated with the selected vulnerabilities.
By default, it is not checked, i.e., it is set as False.
IP Traversal (Optional) Type of IP Traversal to be included in the scan profile that you want to create on the Tripwire IP360 server. You can choose between Random or Sequential.
Host Configuration Check Select the Host Configuration Check checkbox, i.e., set it to True, if you want to include a host configuration check in the scan profile that you want to create on the Tripwire IP360 server.
By default, it is checked, i.e., it is set as True.
Extensive Application Scan Select the Extensive Application Scan checkbox, i.e., set it to True, if you want to include an extensive application scan in the scan profile that you want to create on the Tripwire IP360 server.
By default, it is not checked, i.e., it is set as False.
Rules Verified (Optional) All predefined rules, including customer-created rules will be flagged in the scan profile according to the option you select for this field. You can choose from the following options: Use, Require, or Exclude.
Rules Intrusive (Optional) Rules are run against lab systems will be included in the scan profile based on the option you select for this field. You can choose from the following options: Use, Require, or Exclude.
Custom Rules (Optional) Rules that are created by a user will be included in the scan profile based on the option you select for this field. You can choose from the following options: Use, Require, or Exclude.
Rate Limit (Optional) Rate limit for scanning to be included in the scan profile.
Vulnerability Scan Adjusted Select the Vulnerability Scan Adjusted checkbox, i.e., set it to True, if you want to scan only for applications associated with the selected vulnerabilities in the scan profile that you want to create on the Tripwire IP360 server.
By default, it is checked, i.e., it is set as True.
If Vulnerability Scan Adjusted checkbox is checked, i.e., set it to True, then the following fields are displayed, whose parameters you can set:
  • Vulnerability Scan Adjusted Type: (Optional) Set the type as Excluded or Only.
  • Vulnerability Scan Adjusted Vulns: (Optional) Specify the list of vulnerabilities to check.

Output

The output contains the following populated JSON schema:

{
  "name": "",
  "url": "",
  "active": "",
  "system": "",
  "discovery_tcp_ports": [],
  "discovery_tcp": "",
  "discovery_udp": "",
  "discovery_udp_ports": "",
  "discovery_icmp": "",
  "host_config_check": "",
  "background_port_scan": "",
  "background_port_scan_rate": "",
  "fingerprint_scan": "",
  "fingerprint_scan_legacy": "",
  "app_scan": "",
  "app_scan_limited": "",
  "app_scan_extensive": "",
  "udp_scan": "",
  "tcp_scan": "",
  "udp_scan_ports_exclude": "",
  "udp_scan_ports_include": [],
  "udp_scan_ports_only": "",
  "tcp_scan_ports_only": "",
  "tcp_scan_ports_include": [
    "5"
  ],
  "tcp_scan_ports_exclude": "",
  "vuln_scan": "",
  "vuln_scan_adjusted": "",
  "vuln_scan_adjusted_type": "",
  "vuln_scan_adjusted_vulns": [],
  "app_scan_adjusted": "",
  "app_scan_adjusted_type": "",
  "app_scan_adjusted_apps": [],
  "webapp_scan": "",
  "webapp_recursion_limit": "",
  "webapp_page_limit": "",
  "credentials_webhttp": "",
  "credentials_webform": "",
  "credentials_ssh": "",
  "credentials_smb": "",
  "credentials_snmp": "",
  "rules_auth_attempt": "",
  "rules_custom": "",
  "rules_intrusive": "",
  "rules_verified": "",
  "scap_scan": "",
  "scap_scan_policies": [],
  "rate_limit": "",
  "traversal_random": "",
  "schedule": "",
  "agent_only": ""
}

operation: Get Scan Profiles

Input parameters

Parameter Description
Search Text (Optional) Text based on which you want to filter scan profiles from Tripwire IP360.
If you do not specify any search content, then all available scan profiles are retrieved from Tripwire IP360.

Output

The output contains the following populated JSON schema:

{
  "previous": "",
  "results": [
    {
      "url": "",
      "window_enabled": "",
      "window_start": "",
      "timezone": "",
      "days": "",
      "window_end": "",
      "weekdays": "",
      "frequency_period": "",
      "frequency_max": "",
      "weeks": "",
      "name": ""
    }
  ],
  "next": "",
  "count": ""
}

operation: Update Scan Profile

Input parameters

Parameter Description
Profile Name Name of the scan profile that you want to update on the Tripwire IP360 server.
Name New name of the existing scan profile that you want to update on the Tripwire IP360 server.
Status Select the Statuscheckbox, i.e., set it to True, if you want set the status of the scan profile to active. Otherwise, it remains Inactive.
By default, it is checked, i.e., it is set as True.
Agent Only Scan Select the Agent Only Scan checkbox, i.e., set it to True, if you want the scan profile to include all assets with agents installed regardless of network.
By default, it is not checked, i.e., it is set as False.
Credentials Credential type for the scan profile that you want to update on the Tripwire IP360 server. You can choose from the following options: Windows, SSH, SNMP, HTTP, or Web Form.
Application Scan Select the Application Scan checkbox, i.e., set it to True, if you want the scan profile to include an application scan.
By default, it is checked, i.e., it is set as True.
Vulnerability Scan Select the Vulnerability Scan checkbox, i.e., set it to True, if you want the scan profile to include a vulnerability scan.
By default, it is checked, i.e., it is set as True.
Web Application Scan Select the Web Application Scan checkbox, i.e., set it to True, if you want the scan profile to include a web application scan.
By default, it is checked, i.e., it is set as True.
Webapp Recursion Limit (Optional) Webapp recursion limit to be set for the scan profile that you want to update on the Tripwire IP360 server.
Webapp Page Limit (Optional) Webapp page limit to be set for the scan profile that you want to update on the Tripwire IP360 server.
Discovery Scans Scan type to be used for the scan profile that you want to update on the Tripwire IP360 server. You can choose from the following options: OS Fingerprinting, Legacy OS Fingerprinting, Ping Scan, TCP Port Scan, or UDP Port Scan.
Discovery TCP Ports (Optional) TCP port list to be set for the scan profile that you want to update on the Tripwire IP360 server.
Discovery UDP Ports (Optional) UDP port list to be set for the scan profile that you want to update on the Tripwire IP360 server.
TCP Scan Ports Only (Optional) Restrict scanning of TCP ports to only the list specified in this field for the scan profile that you want to update on the Tripwire IP360 server.
TCP Scan Ports Include (Optional) List of TCP scan ports to be included in the scan profile that you want to update on the Tripwire IP360 server.
TCP Scan Ports Exclude (Optional) List of TCP scan ports to be excluded from the scan profile that you want to update on the Tripwire IP360 server.
UDP Scan Ports Include (Optional) List of UDP scan ports to be included in the scan profile that you want to update on the Tripwire IP360 server.
UDP Scan Ports Exclude (Optional) List of UDP scan ports to be excluded from the scan profile that you want to update on the Tripwire IP360 server.
Background Port Detection Select the Background Port Detection checkbox, i.e., set it to True, if you want the scan profile to include running of additional full port detection scans in the background to detect open ports not included in current scans. Discovered ports will automatically be used in future scans.
By default, it is not checked, i.e., it is set as False.
Background Port Rate Limit (Optional) Only applicable if you have selected the Background Port Detection option. Ports per second to be checked during full port detection scans in the background.
Scap Scan Select the Scap Scan checkbox, i.e., set it to True, if you want the scan profile to include a scap scan.
By default, it is not checked, i.e., it is set as False.
Scap Scan Policies (Optional) Only applicable if you have selected the >Scap Scan option. List of scap scan policies to be included in the scap scan.
Fast Application Scan Select the Fast Application Scan checkbox, i.e., set it to True, if you want to scan only the applications associated with the selected vulnerabilities.
By default, it is not checked, i.e., it is set as False.
IP Traversal (Optional) Type of IP Traversal to be included in the scan profile that you want to update on the Tripwire IP360 server. You can choose between Random or Sequential.
Host Configuration Check Select the Host Configuration Check checkbox, i.e., set it to True, if you want to include a host configuration check in the scan profile that you want to update on the Tripwire IP360 server.
By default, it is checked, i.e., it is set as True.
Extensive Application Scan Select the Extensive Application Scan checkbox, i.e., set it to True, if you want to include an extensive application scan in the scan profile that you want to update on the Tripwire IP360 server.
By default, it is not checked, i.e., it is set as False.
Rules Verified (Optional) All predefined rules, including customer-created rules will be flagged in the scan profile according to the option you select for this field. You can choose from the following options: Use, Require, or Exclude.
Rules Intrusive (Optional) Rules are run against lab systems will be included in the scan profile based on the option you select for this field. You can choose from the following options: Use, Require, or Exclude.
Custom Rules (Optional) Rules that are created by user will be included in the scan profile based on the option you select for this field. You can choose from the following options: Use, Require, or Exclude.
Rate Limit (Optional) Rate limit for scanning to be included in the scan profile.
Vulnerability Scan Adjusted Select the Vulnerability Scan Adjusted checkbox, i.e., set it to True, if you want to scan only for applications associated with the selected vulnerabilities in the scan profile that you want to update on the Tripwire IP360 server.
By default, it is checked, i.e., it is set as True.
Vulnerability Scan Adjusted Type (Optional) Applicable only if you have selected the Vulnerability Scan Adjusted checkbox. Set the type as excludedor only.
Vulnerability Scan Adjusted Vulns (Optional) Applicable only if you have selected the Vulnerability Scan Adjusted checkbox. Specify the list of vulnerabilities to check.

Output

The output contains the following populated JSON schema:

{
  "credentials_webform": "",
  "webapp_page_limit": "",
  "rules_custom": "",
  "app_scan_limited": "",
  "active": "",
  "traversal_random": "",
  "udp_scan": "",
  "app_scan_adjusted": "",
  "credentials_snmp": "",
  "discovery_tcp": "",
  "app_scan": "",
  "vuln_scan_adjusted_vulns": [],
  "discovery_icmp": "",
  "tcp_scan_ports_include": [],
  "app_scan_adjusted_apps": [],
  "discovery_tcp_ports": [],
  "system": "",
  "fingerprint_scan_legacy": "",
  "app_scan_extensive": "",
  "vuln_scan": "",
  "discovery_udp": "",
  "rules_verified": "",
  "udp_scan_ports_include": "",
  "agent_only": "",
  "credentials_smb": "",
  "schedule": "",
  "credentials_ssh": "",
  "udp_scan_ports_exclude": "",
  "rate_limit": "",
  "host_config_check": "",
  "tcp_scan": "",
  "tcp_scan_ports_exclude": "",
  "background_port_scan_rate": "",
  "credentials_webhttp": "",
  "rules_intrusive": "",
  "vuln_scan_adjusted_type": "",
  "scap_scan_policies": [],
  "rules_auth_attempt": "",
  "vuln_scan_adjusted": "",
  "url": "",
  "udp_scan_ports_only": [],
  "app_scan_adjusted_type": "",
  "scap_scan": "",
  "tcp_scan_ports_only": "",
  "webapp_recursion_limit": "",
  "name": "",
  "discovery_udp_ports": [],
  "webapp_scan": "",
  "fingerprint_scan": "",
  "background_port_scan": ""
}

operation: Delete Scan Profile

Input parameters

Parameter Description
Profile Name Name of the scan profile that you want to delete from Tripwire IP360.

Output

The output contains a string message containing the result of the operation, such as Successfully deleted scan profile if the scan profile is deleted successfully from Tripwire IP360.

operation: Create Network

Input parameters

Parameter Description
Name Name of the new network that you want to add to Tripwire IP360.
Owner (Optional) Owner of the new network that you want to add to Tripwire IP360.
Status Select the Statuscheckbox, i.e., set it to True, if you want set the status of the network to active. Otherwise, it remains Inactive.
By default, it is not checked, i.e., it is set as False.
Include IPs List of IP addresses such as hostnames, IPv4, IPv6, CIDR, or a range that you want to include in the network that you want to add to Tripwire IP360.
Exclude IPs List of IP addresses such as hostnames, IPv4, IPv6, CIDR, or a range that you want to exclude from the network that you want to add to Tripwire IP360.
Asset Value (Optional) Asset Value of the new network that you want to add to Tripwire IP360.

Output

The output contains the following populated JSON schema:

{
  "active": "",
  "system": "",
  "url": "",
  "name": "",
  "owner": "",
  "notes": "",
  "scap_agent_persist": "",
  "favor_netbios_name": "",
  "asset_value": "",
  "include_ips": "",
  "exclude_ips": "",
  "effective_ranges": "",
  "host_tracking": {
    "correlation_threshold": "",
    "correlation_method": "",
    "correlation_values": {
      "DNS Name": "",
      "OS Fingerprint": "",
      "NetBIOS Name": "",
      "Port Signature": "",
      "IP Address": "",
      "Apparent MAC Address": "",
      "Operating System": ""
    }
  },
  "virtual_hosts": []
}

operation: Get Networks

Input parameters

None.

Output

The output contains the following populated JSON schema:

{
  "next": "",
  "results": [
    {
      "scap_agent_persist": "",
      "owner": "",
      "asset_value": "",
      "virtual_hosts": [],
      "favor_netbios_name": "",
      "url": "",
      "active": "",
      "system": "",
      "include_ips": "",
      "notes": "",
      "effective_ranges": "",
      "host_tracking": {
        "correlation_threshold": "",
        "correlation_values": {
          "Port Signature": "",
          "Operating System": "",
          "DNS Name": "",
          "NetBIOS Name": "",
          "IP Address": "",
          "OS Fingerprint": "",
          "Apparent MAC Address": ""
        },
        "correlation_method": ""
      },
      "exclude_ips": "",
      "name": ""
    }
  ],
  "previous": "",
  "count": ""
}

operation: Update Network

Input parameters

Parameter Description
Name Name of an existing network that you want to update on Tripwire IP360.
Name (Optional) New name of the existing scan profile that you want to update on the Tripwire IP360 server.
Owner (Optional) Owner of the new network that you want to update on Tripwire IP360.
Status Select the Statuscheckbox, i.e., set it to True, if you want set the status of the network to active. Otherwise, it remains Inactive.
By default, it is not checked, i.e., it is set as False.
Include IPs (Optional) List of IP addresses such as hostnames, IPv4, IPv6, CIDR, or a range that you want to include in the network that you want to update on Tripwire IP360.
Exclude IPs (Optional) List of IP addresses such as hostnames, IPv4, IPv6, CIDR, or a range that you want to exclude from the network that you want to update on Tripwire IP360.
Asset Value (Optional) Asset Value of the new network that you want to update on Tripwire IP360.

Output

The output contains the following populated JSON schema:

{
  "name": "",
  "url": "",
  "active": "",
  "owner": "",
  "notes": "",
  "scap_agent_persist": "",
  "favor_netbios_name": "",
  "asset_value": "",
  "include_ips": "",
  "exclude_ips": "",
  "effective_ranges": "",
  "host_tracking": {
    "correlation_threshold": "",
    "correlation_method": "",
    "correlation_values": {
      "DNS Name": "",
      "OS Fingerprint": "",
      "NetBIOS Name": "",
      "Port Signature": "",
      "IP Address": "",
      "Apparent MAC Address": "",
      "Operating System": ""
    }
  },
  "virtual_hosts": [],
  "system": ""
}

operation: Delete Network

Input parameters

Parameter Description
Name Name of the network that you want to delete from Tripwire IP360.

Output

The output contains a string message containing the result of the operation, such as Successfully deleted network if the network is deleted successfully from Tripwire IP360.

operation: Start Scan

Input parameters

Parameter Description
Scan Name Name of the scan that you want to start on Tripwire IP360.

Output

The output contains the following populated JSON schema:

{
  "url": "",
  "name": "",
  "network": "",
  "scan_profile": "",
  "pool": "",
  "range": "",
  "special_scan": "",
  "status": "",
  "scan_type": "",
  "rejected": "",
  "all_hosts_failed": "",
  "last_error": "",
  "agent_uuids": "",
  "start_date": "",
  "scan_profile_type": "",
  "credential_limit": "",
  "end_date": "",
  "debug": ""
}

operation: Cancel Scan

Input parameters

Parameter Description
Scan Name Name of the ongoing scan that you want to cancel on Tripwire IP360.

Output

The output contains the following populated JSON schema:

[
  {
    "ontology_version": "",
    "special_scan": "",
    "status": "",
    "rejected": "",
    "scan_type": "",
    "vuln_count": "",
    "name": "",
    "scan_profile": {
      "discovery_udp": "",
      "host_config_check": "",
      "scap_scan_policies": [],
      "credentials_webhttp": "",
      "webapp_scan": "",
      "discovery_icmp": "",
      "discovery_tcp_ports": [],
      "rate_limit": "",
      "discovery_tcp": "",
      "app_scan_adjusted_type": "",
      "app_scan": "",
      "credentials_smb": "",
      "rules_intrusive": "",
      "system": "",
      "tcp_scan_ports_include": [],
      "tcp_scan": "",
      "webapp_recursion_limit": "",
      "app_scan_limited": "",
      "udp_scan_ports_only": "",
      "fingerprint_scan": "",
      "vuln_scan_adjusted_vulns": [],
      "credentials_webform": "",
      "app_scan_adjusted_apps": [],
      "schedule": "",
      "rules_custom": "all",
      "credentials_ssh": "",
      "background_port_scan": "",
      "tcp_scan_ports_exclude": "",
      "app_scan_adjusted": "",
      "rules_verified": "only",
      "fingerprint_scan_legacy": "",
      "vuln_scan_adjusted": "",
      "discovery_udp_ports": "",
      "tcp_scan_ports_only": "",
      "active": "",
      "background_port_scan_rate": "",
      "udp_scan": "",
      "app_scan_extensive": "",
      "name": "",
      "traversal_random": "",
      "vuln_scan": "",
      "vuln_scan_adjusted_type": "",
      "credentials_snmp": "",
      "scap_scan": "",
      "rules_auth_attempt": "",
      "webapp_page_limit": "",
      "udp_scan_ports_include": [],
      "url": "",
      "udp_scan_ports_exclude": "",
      "agent_only": ""
    },
    "debug": "",
    "all_hosts_failed": "",
    "range": "",
    "agent_uuids": "",
    "elapsed_seconds": "",
    "average_host_score": "",
    "start_date": "",
    "last_error": "",
    "host_count": "",
    "credential_limit": "",
    "url": "",
    "end_date": "",
    "network": {
      "include_ips": "",
      "virtual_hosts": [],
      "scap_agent_persist": "",
      "exclude_ips": "",
      "url": "",
      "asset_value": "",
      "notes": "",
      "favor_netbios_name": "",
      "owner": "",
      "effective_ranges": "",
      "active": "",
      "name": "",
      "system": "",
      "host_tracking": {
        "correlation_threshold": "",
        "correlation_values": {
          "Port Signature": "",
          "OS Fingerprint": "",
          "Operating System": "",
          "NetBIOS Name": "",
          "IP Address": "",
          "DNS Name": "",
          "Apparent MAC Address": ""
        },
        "correlation_method": ""
      }
    },
    "pool": {
      "notes": "",
      "appliances": [
        {
          "aap_uuid": "",
          "hardware_type": "",
          "error": "",
          "is_up": "",
          "cloud": "",
          "authentication_key": "",
          "aap_timestamp": "",
          "aspl_version": "",
          "hard_connection_limit": "",
          "name": "",
          "last_reboot": "",
          "reboot_pending": "",
          "dns_servers": [],
          "aap_agent_count": "",
          "interfaces": [
            {
              "ip_address": "",
              "name": ""
            }
          ],
          "soft_connection_limit": "",
          "aap_is_up": "",
          "ip_address": "",
          "last_update_seconds": "",
          "software_version": "",
          "last_update": "",
          "url": "",
          "default_soft_connection_limit": "",
          "is_local": ""
        }
      ],
      "generated": "",
      "url": "",
      "name": "",
      "allow_agent_processing": ""
    }
  }
]

operation: Pause Scan

Input parameters

Parameter Description
Scan Name Name of the ongoing scan that you want to pause on Tripwire IP360.

Output

The output contains the following populated JSON schema:

[
  {
    "ontology_version": "",
    "special_scan": "",
    "status": "",
    "rejected": "",
    "scan_type": "",
    "vuln_count": "",
    "name": "",
    "scan_profile": {
      "discovery_udp": "",
      "host_config_check": "",
      "scap_scan_policies": [],
      "credentials_webhttp": "",
      "webapp_scan": "",
      "discovery_icmp": "",
      "discovery_tcp_ports": [],
      "rate_limit": "",
      "discovery_tcp": "",
      "app_scan_adjusted_type": "",
      "app_scan": "",
      "credentials_smb": "",
      "rules_intrusive": "",
      "system": "",
      "tcp_scan_ports_include": [],
      "tcp_scan": "",
      "webapp_recursion_limit": "",
      "app_scan_limited": "",
      "udp_scan_ports_only": "",
      "fingerprint_scan": "",
      "vuln_scan_adjusted_vulns": [],
      "credentials_webform": "",
      "app_scan_adjusted_apps": [],
      "schedule": "",
      "rules_custom": "",
      "credentials_ssh": "",
      "background_port_scan": "",
      "tcp_scan_ports_exclude": "",
      "app_scan_adjusted": "",
      "rules_verified": "",
      "fingerprint_scan_legacy": "",
      "vuln_scan_adjusted": "",
      "discovery_udp_ports": "",
      "tcp_scan_ports_only": "",
      "active": "",
      "background_port_scan_rate": "",
      "udp_scan": "",
      "app_scan_extensive": "",
      "name": "",
      "traversal_random": "",
      "vuln_scan": "",
      "vuln_scan_adjusted_type": "",
      "credentials_snmp": "",
      "scap_scan": "",
      "rules_auth_attempt": "",
      "webapp_page_limit": "",
      "udp_scan_ports_include": [],
      "url": "",
      "udp_scan_ports_exclude": "",
      "agent_only": ""
    },
    "debug": "",
    "all_hosts_failed": "",
    "range": "",
    "agent_uuids": "",
    "elapsed_seconds": "",
    "average_host_score": "",
    "start_date": "",
    "last_error": "",
    "host_count": "",
    "credential_limit": "",
    "url": "",
    "end_date": "",
    "network": {
      "include_ips": "",
      "virtual_hosts": [],
      "scap_agent_persist": "",
      "exclude_ips": "",
      "url": "",
      "asset_value": "",
      "notes": "",
      "favor_netbios_name": "",
      "owner": "",
      "effective_ranges": "",
      "active": "",
      "name": "",
      "system": "",
      "host_tracking": {
        "correlation_threshold": "",
        "correlation_values": {
          "Port Signature": "",
          "OS Fingerprint": "",
          "Operating System": "",
          "NetBIOS Name": "",
          "IP Address": "",
          "DNS Name": "",
          "Apparent MAC Address": ""
        },
        "correlation_method": ""
      }
    },
    "pool": {
      "notes": "",
      "appliances": [
        {
          "aap_uuid": "",
          "hardware_type": "",
          "error": "",
          "is_up": "",
          "cloud": "",
          "authentication_key": "",
          "aap_timestamp": "",
          "aspl_version": "",
          "hard_connection_limit": "",
          "name": "",
          "last_reboot": "",
          "reboot_pending": "",
          "dns_servers": [],
          "aap_agent_count": "",
          "interfaces": [
            {
              "ip_address": "",
              "name": ""
            }
          ],
          "soft_connection_limit": "",
          "aap_is_up": "",
          "ip_address": "",
          "last_update_seconds": "",
          "software_version": "",
          "last_update": "",
          "url": "",
          "default_soft_connection_limit": "",
          "is_local": ""
        }
      ],
      "generated": "",
      "url": "",
      "name": "",
      "allow_agent_processing": ""
    }
  }
]

operation: Resume Scan

Input parameters

Parameter Description
Scan Name Name of the paused scan that you want to resume on Tripwire IP360.

Output

The output contains the following populated JSON schema:

[
  {
    "ontology_version": "",
    "special_scan": "",
    "status": "",
    "rejected": "",
    "scan_type": "",
    "vuln_count": "",
    "name": "",
    "scan_profile": {
      "discovery_udp": "",
      "host_config_check": "",
      "scap_scan_policies": [],
      "credentials_webhttp": "",
      "webapp_scan": "",
      "discovery_icmp": "",
      "discovery_tcp_ports": [],
      "rate_limit": "",
      "discovery_tcp": "",
      "app_scan_adjusted_type": "",
      "app_scan": "",
      "credentials_smb": "",
      "rules_intrusive": "",
      "system": "",
      "tcp_scan_ports_include": [
        "5"
      ],
      "tcp_scan": "",
      "webapp_recursion_limit": "",
      "app_scan_limited": "",
      "udp_scan_ports_only": "",
      "fingerprint_scan": "",
      "vuln_scan_adjusted_vulns": [],
      "credentials_webform": "",
      "app_scan_adjusted_apps": [],
      "schedule": "",
      "rules_custom": "",
      "credentials_ssh": "",
      "background_port_scan": "",
      "tcp_scan_ports_exclude": "",
      "app_scan_adjusted": "",
      "rules_verified": "",
      "fingerprint_scan_legacy": "",
      "vuln_scan_adjusted": "",
      "discovery_udp_ports": "",
      "tcp_scan_ports_only": "",
      "active": "",
      "background_port_scan_rate": "",
      "udp_scan": "",
      "app_scan_extensive": "",
      "name": "",
      "traversal_random": "",
      "vuln_scan": "",
      "vuln_scan_adjusted_type": "",
      "credentials_snmp": "",
      "scap_scan": "",
      "rules_auth_attempt": "all",
      "webapp_page_limit": "",
      "udp_scan_ports_include": [],
      "url": "",
      "udp_scan_ports_exclude": "",
      "agent_only": ""
    },
    "debug": "",
    "all_hosts_failed": "",
    "range": "",
    "agent_uuids": "",
    "elapsed_seconds": "",
    "average_host_score": "",
    "start_date": "",
    "last_error": "",
    "host_count": "",
    "credential_limit": "",
    "url": "",
    "end_date": "",
    "network": {
      "include_ips": "",
      "virtual_hosts": [],
      "scap_agent_persist": "",
      "exclude_ips": "",
      "url": "",
      "asset_value": "",
      "notes": "",
      "favor_netbios_name": "",
      "owner": "",
      "effective_ranges": "",
      "active": "",
      "name": "",
      "system": "",
      "host_tracking": {
        "correlation_threshold": "",
        "correlation_values": {
          "Port Signature": "",
          "OS Fingerprint": "",
          "Operating System": "",
          "NetBIOS Name": "",
          "IP Address": "",
          "DNS Name": "",
          "Apparent MAC Address": ""
        },
        "correlation_method": ""
      }
    },
    "pool": {
      "notes": "",
      "appliances": [
        {
          "aap_uuid": "",
          "hardware_type": "",
          "error": "",
          "is_up": "",
          "cloud": "",
          "authentication_key": "",
          "aap_timestamp": "",
          "aspl_version": "",
          "hard_connection_limit": "",
          "name": "",
          "last_reboot": "",
          "reboot_pending": "",
          "dns_servers": [],
          "aap_agent_count": "",
          "interfaces": [
            {
              "ip_address": "",
              "name": ""
            }
          ],
          "soft_connection_limit": "",
          "aap_is_up": "",
          "ip_address": "",
          "last_update_seconds": "",
          "software_version": "",
          "last_update": "",
          "url": "",
          "default_soft_connection_limit": "",
          "is_local": ""
        }
      ],
      "generated": "",
      "url": "",
      "name": "",
      "allow_agent_processing": ""
    }
  }
]

operation: Get Vulnerabilities

Input parameters

Parameter Description
Search Text (Optional) Text based on which you want to filter vulnerabilities from Tripwire IP360.
If you do not specify any search content, then all available vulnerabilities are retrieved from Tripwire IP360.
Limit (Optional) Maximum number of results that this operation should return.
Offset (Optional) Index of the first item that this operation should return.

Output

The output contains the following populated JSON schema:

{
  "count": "",
  "results": [
    {
      "strategy": {
        "url": "",
        "description": "",
        "name": ""
      },
      "priority": "",
      "name": "",
      "risk": {
        "level": "",
        "url": "",
        "description": "",
        "name": ""
      },
      "solution": {
        "url": "",
        "description": "",
        "name": ""
      },
      "url": "",
      "description": "",
      "cvssv2": "",
      "cvssv3": "",
      "cves": [],
      "skill": {
        "level": "",
        "url": "",
        "description": "",
        "name": ""
      },
      "advisories": [
        {
          "website": "",
          "link": "",
          "name": ""
        }
      ]
    }
  ],
  "next": "",
  "previous": ""
}

operation: Run Agent

Input parameters

Parameter Description
Name System name of the axon agent that you want to run for system data collection on Tripwire IP360.

Output

The output contains the following populated JSON schema:

[
  {
    "url": "",
    "axon_agent": "",
    "command": "",
    "command_args": "",
    "issued_date": "",
    "status": "",
    "started_date": "",
    "completed_date": "",
    "error_str": ""
  }
]

operation: Get Agents

Input parameters

Parameter Description
Search Text (Optional) Text based on which you want to filter axon agents from Tripwire IP360.
If you do not specify any search content, then all available axon agents are retrieved from Tripwire IP360.
Limit (Optional) Maximum number of results that this operation should return.
Offset (Optional) Index of the first item that this operation should return.

Output

The output contains the following populated JSON schema:

{
  "count": "",
  "next": "",
  "previous": "",
  "results": [
    {
      "url": "",
      "ip_address": "",
      "name": "",
      "dns_name": "",
      "netbios_name": "",
      "os_name": "",
      "os_version": "",
      "architecture": "",
      "agent_uuid": "",
      "aap_uuid": "",
      "agent_version": "",
      "plugin_version": "",
      "last_seen": "",
      "last_scan": "",
      "is_up": "",
      "latest_tasks": {
        "scan_now": {
          "url": "",
          "axon_agent": "",
          "command": "",
          "command_args": "",
          "issued_date": "",
          "status": "",
          "started_date": "",
          "completed_date": "",
          "error_str": ""
        }
      },
      "support_bundle": "",
      "first_seen": "",
      "last_audit": "",
      "score": "",
      "asset": "",
      "deleted_datetime": ""
    }
  ]
}

operation: Get Assets

Input parameters

Parameter Description
Search Text (Optional) Text based on which you want to filter assets from Tripwire IP360.
If you do not specify any search content, then all available assets are retrieved from Tripwire IP360.
Limit (Optional) Maximum number of results that this operation should return.
Offset (Optional) Index of the first item that this operation should return.

Output

The output contains the following populated JSON schema:

{
  "count": "",
  "next": "",
  "previous": "",
  "results": [
    {
      "url": "",
      "ip_address": "",
      "dns_name": "",
      "netbios_name": "",
      "last_seen": "",
      "first_seen": "",
      "score": "",
      "domain_name": "",
      "operating_system": "",
      "network": {
        "url": "",
        "name": "",
        "active": "",
        "owner": "",
        "notes": "",
        "scap_agent_persist": "",
        "favor_netbios_name": "",
        "asset_value": "",
        "include_ips": "",
        "exclude_ips": "",
        "effective_ranges": "",
        "host_tracking": {
          "correlation_threshold": "",
          "correlation_method": "",
          "correlation_values": {
            "DNS Name": "",
            "OS Fingerprint": "",
            "NetBIOS Name": "",
            "Port Signature": "",
            "IP Address": "",
            "Apparent MAC Address": "",
            "Operating System": ""
          }
        },
        "virtual_hosts": [],
        "system": ""
      },
      "mac_address": "",
      "asset_value": "",
      "notes": "",
      "owner": "",
      "in_tripwire_enterprise": ""
    }
  ]
}

operation: Get Audits

Input parameters

Parameter Description
Search Text (Optional) Text based on which you want to filter audits (all scan activity details) from Tripwire IP360.
If you do not specify any search content, then all available audits are retrieved from Tripwire IP360.
Limit (Optional) Maximum number of results that this operation should return.
Offset (Optional) Index of the first item that this operation should return.

Output

The output contains the following populated JSON schema:

{
  "count": "",
  "next": "",
  "previous": "",
  "results": [
    {
      "url": "",
      "network": {
        "url": "",
        "name": "",
        "active": "",
        "system": ""
      },
      "host_count": "",
      "vuln_count": "",
      "average_host_score": "",
      "start_date": "",
      "end_date": "",
      "elapsed_seconds": "",
      "progress": "",
      "ontology_version": "",
      "scan_profile": {
        "url": "",
        "name": "",
        "active": "",
        "system": "",
        "agent_only": ""
      },
      "pool": {
        "url": "",
        "name": "",
        "generated": "",
        "notes": "",
        "is_up": "",
        "allow_agent_processing": ""
      },
      "status": "",
      "scan_type": "",
      "debug": "",
      "special_scan": "",
      "credential_limit": "",
      "range": "",
      "rejected": "",
      "last_error": "",
      "all_hosts_failed": "",
      "name": "",
      "agent_uuids": ""
    }
  ]
}

Included playbooks

The Sample - Tripwire IP360 - 1.0.0 playbook collection comes bundled with the Tripwire IP360 connector. This playbook contains steps using which you can perform all supported actions. You can see the bundled playbooks in the Automation > Playbooks section in FortiSOAR™ after importing the Tripwire IP360 connector.

Note: If you are planning to use any of the sample playbooks in your environment, ensure that you clone those playbooks and move them to a different collection since the sample playbook collection gets deleted during connector upgrade and delete.

Previous
Next