{ "version": "4.0", "name": "Tufin Networks", "type": "REST_EVENT", "vendor_identifier": "Tufin", "event_type": [ "NETWORK_IPV4", "NETWORK_IPV6" ], "content_type": "application/json", "steps": [ { "name": "DebugOnStart", "comment": "DebugOnStart", "operation": "NOP", "body": "${XC:DEBUG:{H:}}${XC:DEBUG:{E:}}${XC:DEBUG:{I:}}${XC:DEBUG:{L:}}${XC:DEBUG:{S:}}${XC:DEBUG:{P:}}${XC:DEBUG:{UT:}}" }, { "name": "check_EA_on_IP", "comment": "Checking if scan is wanted on the IP EA and if not there checking the Network EA", "operation": "CONDITION", "condition": { "condition_type": "OR", "statements": [ { "left": "${E:A:values{extattrs}{Tufin_Sync}{value}}", "op": "!=", "right": "true" }, { "left": "${E:A:values{extattrs}{Tufin_Zone}{value}}", "op": "==", "right": "" } ], "stop": true, "else_eval": "${XC:COPY:{L:NetCiDR}:{E:values{network}}" } }, { "name": "Check_Comment", "operation": "CONDITION", "condition": { "statements": [ { "left": "${E:A:values{comment}}", "op": "==", "right": "" } ], "condition_type": "OR", "eval": "${XC:ASSIGN:{L:Comment}:{S:}}", "else_eval": "${XC:COPY:{L:Comment}:{E:values{comment}}}" } }, { "name": "Split_Network_And_Mask", "operation": "VARIABLEOP", "variable_ops": [ { "operation": "ASSIGN", "type": "DICTIONARY", "destination": "L:SplitConfig", "keys": [ "parse", "regex" ], "values": [ "REGEXSPLIT", "/" ] } ] }, { "name": "Variable_To_Hold_Network_And_Mask", "operation": "NOP", "body": "${XC:PARSE:{L:SplitConfig}:{L:NetCiDR}}" }, { "name": "Check_If_Modify", "operation": "CONDITION", "condition": { "condition_type": "AND", "statements": [ { "left": "${E:A:operation_type}", "op": "==", "right": "MODIFY" }, { "left": "${E:A:previous_values{extattrs}{Tufin_Zone}{value}}", "op": "!=", "right": "${E:A:values{extattrs}{Tufin_Zone}{value}}" } ], "else_eval": "${XC:COPY:{L:Zone}:{E:values{extattrs}{Tufin_Zone}{value}}}${XC:COPY:{L:Zone}:{E:values{extattrs}{Tufin_Zone}{value}}}${XC:COPY:{L:Zone_2}:{E:values{extattrs}{Tufin_Zone}{value}}}${XC:COPY:{L:Zone_2}:{E:values{extattrs}{Tufin_Zone}{value}}}", "else_next": "Get_Zone_ID", "eval": "${XC:COPY:{L:Zone}:{E:previous_values{extattrs}{Tufin_Zone}{value}}}${XC:COPY:{L:Zone}:{E:previous_values{extattrs}{Tufin_Zone}{value}}}${XC:COPY:{L:Zone_2}:{E:values{extattrs}{Tufin_Zone}{value}}}${XC:COPY:{L:Zone_2}:{E:values{extattrs}{Tufin_Zone}{value}}}" } }, { "name": "Get_New_Zone_ID_2_for_Updating_Zones_On_Modify_events", "operation": "GET", "parse": "JSON", "headers": { "Accept": "application/json" }, "transport": { "path": "/securetrack/api/zones?name=${L:A:Zone_2}" } }, { "name": "Assign_Zone_ID_2_for_Updating_Zones_On_Modify_events", "operation": "NOP", "body": "${XC:COPY:{L:ZoneID_2}:{P:zones{zone}[0]{id}}}${XC:COPY:{L:ZoneID_2}:{P:zones{zone}[0]{id}}}" }, { "name": "Get_Zone_ID", "operation": "GET", "parse": "JSON", "headers": { "Accept": "application/json" }, "transport": { "path": "/securetrack/api/zones?name=${L:A:Zone}" } }, { "name": "Assign_Zone_ID", "comment": "Check_If_ZoneID_2_Is_Empty", "operation": "CONDITION", "condition": { "condition_type": "AND", "statements": [ { "left": "${L:A:ZoneID_2}", "op": "==", "right": "" } ], "eval": "${XC:COPY:{L:ZoneID}:{P:zones{zone}[0]{id}}}${XC:COPY:{L:ZoneID}:{P:zones{zone}[0]{id}}}${XC:COPY:{L:ZoneID_2}:{P:zones{zone}[0]{id}}}${XC:COPY:{L:ZoneID_2}:{P:zones{zone}[0]{id}}}", "else_eval": "${XC:COPY:{L:ZoneID}:{P:zones{zone}[0]{id}}}${XC:COPY:{L:ZoneID}:{P:zones{zone}[0]{id}}}" } }, { "name": "Check_If_Inserted_Event", "comment": "Check_If_Inserted_Event", "operation": "CONDITION", "condition": { "condition_type": "AND", "statements": [ { "left": "${E:A:operation_type}", "op": "==", "right": "INSERT" } ], "next": "Check_If_IPv6_Skip_Check" } }, { "name": "Check_If_Modified_Or_Delete_Event", "comment": "Check_If_Modified_Or_Delete_Event", "operation": "CONDITION", "condition": { "condition_type": "AND", "statements": [ { "left": "${E:A:operation_type}", "op": "==", "right": "DELETE" } ], "next": "Check_If_IPv6_stop_Delete", "else_next": "skip_object_modification_if_no_zone_or_comment_change" } }, { "name": "Check_If_IPv6_Skip_Check", "operation": "CONDITION", "condition": { "statements": [ { "left": "${E:A:values{network}}", "op": "=~", "right": ":" } ], "condition_type": "AND", "next": "add_entry" } }, { "name": "See_If_Value_already_exists", "operation": "GET", "parse": "JSON", "headers": { "Accept": "application/json" }, "transport": { "path": "/securetrack/api/zones/${L:A:ZoneID}/entries?ip=${L:A:NetCiDR[0]}&prefix=${L:A:NetCiDR[1]}" } }, { "name": "If_Exists_Update", "comment": "If_Exists_Update", "operation": "CONDITION", "condition": { "condition_type": "OR", "statements": [ { "left": "${P:A:zone_entries{count}}", "op": "!=", "right": "0" } ], "next": "Update_Entry" } }, { "name": "add_entry", "operation": "POST", "transport": { "path": "/securetrack/api/zones/${L:A:ZoneID}/entries" }, "body_list": [ "{", "\"zone_entry\": {\"ip\": \"${L:A:NetCiDR[0]}\",\"prefix\": \"${L:A:NetCiDR[1]}\",\"comment\":\"${L:A:Comment}\"}", "}" ] }, { "name": "Update_EA_On_Insert_Event", "operation": "PUT", "transport": { "path": "${E:A:values{_ref}}" }, "wapi": "v2.7", "wapi_quoting": "JSON", "body_list": [ "{", "\"extattrs+\":{\"Tufin_Zone\": { \"value\": \"${L:A:Zone}\"}, \"Tufin_SyncTime\": { \"value\": \"${UT:U:TIME}\"}}", "}" ], "result": [ { "codes": "204,200,201", "next": "STOP" } ] }, { "name": "Check_If_IPv6_stop_Delete", "operation": "CONDITION", "condition": { "statements": [ { "left": "${E:A:values{network}}", "op": "=~", "right": ":" } ], "condition_type": "AND", "stop": true } }, { "name": "Get_Entry_ID_For_Delete", "operation": "GET", "parse": "JSON", "headers": { "Accept": "application/json" }, "transport": { "path": "/securetrack/api/zones/${L:A:ZoneID}/entries?ip=${L:A:NetCiDR[0]}&prefix=${L:A:NetCiDR[1]}" } }, { "name": "delete entry", "operation": "DELETE", "transport": { "path": "/securetrack/api/zones/${L:A:ZoneID}/entries/${P:A:zone_entries{zone_entry}[0]{id}}" }, "result": [ { "codes": "204,200", "next": "STOP" } ] }, { "name": "skip_object_modification_if_no_zone_or_comment_change", "operation": "CONDITION", "condition": { "statements": [ { "left": "${E:A:operation_type}", "op": "==", "right": "MODIFY" }, { "left": "${E:A:values{extattrs}{Tufin_Zone}{value}}", "op": "==", "right": "${E:A:previous_values{extattrs}{Tufin_Zone}{value}}" }, { "left": "${E:A:previous_values{comment}}", "op": "==", "right": "${L:A:Comment}" } ], "condition_type": "AND", "stop": true } }, { "name": "Check_If_IPv6_stop_modify", "operation": "CONDITION", "condition": { "statements": [ { "left": "${E:A:values{network}}", "op": "=~", "right": ":" } ], "condition_type": "AND", "stop": true } }, { "name": "Get_Entry_ID_For_Modify", "operation": "GET", "parse": "JSON", "headers": { "Accept": "application/json" }, "transport": { "path": "/securetrack/api/zones/${L:A:ZoneID}/entries?ip=${L:A:NetCiDR[0]}&prefix=${L:A:NetCiDR[1]}" } }, { "name": "Update_Entry", "operation": "PUT", "transport": { "path": "/securetrack/api/zones/${L:A:ZoneID}/entries/${P:A:zone_entries{zone_entry}[0]{id}}" }, "body_list": [ "{", "\"zone_entry\": {\"ip\": \"${L:A:NetCiDR[0]}\",\"prefix\": \"${L:A:NetCiDR[1]}\",\"comment\":\"${L:A:Comment}\",\"zoneId\":\"${L:A:ZoneID_2}\"}", "}" ], "result": [ { "codes": "204,200", "next": "Update_EA_On_Modify_Event" } ] }, { "name": "Update_EA_On_Modify_Event", "operation": "PUT", "transport": { "path": "${E:A:values{_ref}}" }, "wapi": "v2.7", "wapi_quoting": "JSON", "body_list": [ "{", "\"extattrs+\":{\"Tufin_Zone\": { \"value\": \"${L:A:Zone_2}\"}, \"Tufin_SyncTime\": { \"value\": \"${UT:U:TIME}\"}}", "}" ] }, { "name": "STOP", "operation": "CONDITION", "condition": { "statements": [ { "left": "1", "op": "==", "right": "1" } ], "condition_type": "OR", "stop": true } } ] }