diff --git a/packages/nodes-base/credentials/CortexApi.credentials.ts b/packages/nodes-base/credentials/CortexApi.credentials.ts
index 9b869cec1ed36..571a12c767b0f 100644
--- a/packages/nodes-base/credentials/CortexApi.credentials.ts
+++ b/packages/nodes-base/credentials/CortexApi.credentials.ts
@@ -1,4 +1,6 @@
 import {
+ IAuthenticateGeneric,
+ ICredentialTestRequest,
 ICredentialType,
 INodeProperties,
 } from 'n8n-workflow';
@@ -24,4 +26,21 @@ export class CortexApi implements ICredentialType {
 placeholder: 'https://localhost:9001',
 },
 ];
+
+ authenticate: IAuthenticateGeneric = {
+ type: 'generic',
+ properties: {
+ headers: {
+ Authorization: '=Bearer {{$credentials.cortexApiKey}}',
+ },
+ },
+ };
+
+ test: ICredentialTestRequest = {
+ request: {
+ baseURL: '={{$credentials.host}}',
+ url: '/api/analyzer',
+ },
+ };
+
 }
diff --git a/packages/nodes-base/nodes/Cortex/Cortex.node.ts b/packages/nodes-base/nodes/Cortex/Cortex.node.ts
index 1bcdcb87eff59..6e516485f2112 100644
--- a/packages/nodes-base/nodes/Cortex/Cortex.node.ts
+++ b/packages/nodes-base/nodes/Cortex/Cortex.node.ts
@@ -55,7 +55,7 @@ export class Cortex implements INodeType {
 name: 'cortex',
 icon: 'file:cortex.svg',
 group: ['transform'],
- subtitle: '={{$parameter["resource"]+ ": " + $parameter["operation"]}}',
+ subtitle: '={{$parameter["operation"]+ ": " + $parameter["resource"]}}',
 version: 1,
 description: 'Apply the Cortex analyzer/responder on the given entity',
 defaults: {
@@ -112,7 +112,7 @@ export class Cortex implements INodeType {
 const requestResult = await cortexApiRequest.call(
 this,
 'POST',
- `/analyzer/_search`,
+ `/analyzer/_search?range=all`,
 );
 const returnData: INodePropertyOptions[] = [];
diff --git a/packages/nodes-base/nodes/Cortex/GenericFunctions.ts b/packages/nodes-base/nodes/Cortex/GenericFunctions.ts
index 89509e3218908..2c23f68c85970 100644
--- a/packages/nodes-base/nodes/Cortex/GenericFunctions.ts
+++ b/packages/nodes-base/nodes/Cortex/GenericFunctions.ts
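Review bot: The `test` request in CortexApi.credentials.ts sends the bearer key to whatever `$credentials.host` contains, and nothing in this hunk requires that value to be an `https://` URL, so with a plain `http://` host the `Authorization` header built by `authenticate` travels unencrypted. A line on the host property would make that explicit, for example `description: 'Base URL of the Cortex instance; use https:// for any host other than localhost'`. The test only proves the key is valid if `/api/analyzer` rejects unauthenticated requests, which cannot be confirmed from this diff. The `cortexApiKey` property is defined outside the hunk, so whether it is masked with `typeOptions: { password: true }` should be checked there.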
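Review bot: `range=all` in the second Cortex.node.ts hunk lifts the bound on the analyzer search that feeds this option list, so the response size is now decided entirely by the server, and the query string is written into the path although `cortexApiRequest` already builds `qs: query` in GenericFunctions.ts. Passing the range through that query argument would keep URL encoding in one place; the helper's parameter order is not visible in this diff, so the exact call is left to the author. A short comment such as `// range=all: list every analyzer, presumably to get past the server's default page size` would record why the bound was lifted. The enclosing method starts and ends outside the hunk.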
@@ -2,12 +2,6 @@ import {
 OptionsWithUri,
 } from 'request';
-import {
- IAnalyzer,
- IJob,
- IResponder,
-} from './AnalyzerInterface';
-
 import {
 IExecuteFunctions,
 IExecuteSingleFunctions,
@@ -25,10 +19,8 @@ export async function cortexApiRequest(this: IHookFunctions | IExecuteFunctions
 const credentials = await this.getCredentials('cortexApi');
- const headerWithAuthentication = Object.assign({}, { Authorization: ` Bearer ${credentials.cortexApiKey}` });
-
 let options: OptionsWithUri = {
- headers: headerWithAuthentication,
+ headers: {},
 method,
 qs: query,
 uri: uri || `${credentials.host}/api${resource}`,
@@ -47,7 +39,7 @@ export async function cortexApiRequest(this: IHookFunctions | IExecuteFunctions
 }
 try {
- return await this.helpers.request!(options);
+ return await this.helpers.requestWithAuthentication.call(this, 'cortexApi', options);
 } catch (error) {
 throw new NodeApiError(this.getNode(), error);
 }
diff --git a/packages/nodes-base/nodes/Cortex/ResponderDescription.ts b/packages/nodes-base/nodes/Cortex/ResponderDescription.ts
index 4f707a77c6852..b54f24e912357 100644
--- a/packages/nodes-base/nodes/Cortex/ResponderDescription.ts
+++ b/packages/nodes-base/nodes/Cortex/ResponderDescription.ts
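Review bot: `requestWithAuthentication` in the last GenericFunctions.ts hunk attaches the `cortexApi` credential to whatever `options.uri` holds, and the context line in the previous hunk shows that a caller-supplied `uri` replaces `${credentials.host}/api${resource}` without any check. If any caller can pass a `uri` derived from node input (the callers are not visible here), the API key would be sent to a host other than the configured one. Comparing origins before the request closes that gap: `if (uri && new URL(uri).origin !== new URL(credentials.host as string).origin) throw new Error('uri must point at the configured Cortex host');`. The body of `cortexApiRequest` continues outside both hunks, so the merge of any extra `option` argument into `options` should be checked for the same reason.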
@@ -115,18 +115,26 @@ export const responderFields: INodeProperties[] = [
 name: 'values',
 values: [
 {
- displayName: 'Title',
- name: 'title',
+ displayName: 'Description',
+ name: 'description',
 type: 'string',
 default: '',
- description: 'Title of the case',
+ description: 'Description of the case',
 },
 {
- displayName: 'Description',
- name: 'description',
+ displayName: 'Flag',
+ name: 'flag',
+ type: 'boolean',
+ default: false,
+ // eslint-disable-next-line n8n-nodes-base/node-param-description-boolean-without-whether
+ description: 'Flag of the case default=false',
+ },
+ {
+ displayName: 'Owner',
+ name: 'owner',
 type: 'string',
 default: '',
- description: 'Description of the case',
+ description: 'User who owns the case. This is automatically set to current user when status is set to InProgress.',
 },
 {
 displayName: 'Severity',
@@ -157,19 +165,18 @@ export const responderFields: INodeProperties[] = [
 description: 'Date and time of the begin of the case default=now',
 },
 {
- displayName: 'Owner',
- name: 'owner',
+ displayName: 'Tags',
+ name: 'tags',
 type: 'string',
 default: '',
- description: 'User who owns the case. This is automatically set to current user when status is set to InProgress.',
+ placeholder: 'tag1,tag2,...',
 },
 {
- displayName: 'Flag',
- name: 'flag',
- type: 'boolean',
- default: false,
- // eslint-disable-next-line n8n-nodes-base/node-param-description-boolean-without-whether
- description: 'Flag of the case default=false',
+ displayName: 'Title',
+ name: 'title',
+ type: 'string',
+ default: '',
+ description: 'Title of the case',
 },
 {
 displayName: 'TLP',
@@ -194,14 +201,7 @@ export const responderFields: INodeProperties[] = [
 value: TLP.red,
 },
 ],
- description: 'Traffict Light Protocol (TLP). Default=Amber.',
- },
- {
- displayName: 'Tags',
- name: 'tags',
- type: 'string',
- default: '',
- placeholder: 'tag1,tag2,...',
+ description: 'Traffic Light Protocol (TLP). Default=Amber.',
 },
 ],
 },
@@ -245,131 +245,6 @@ export const responderFields: INodeProperties[] = [ displayName: 'Alert Attributes', name: 'values', values: [ - { - displayName: 'Title', - name: 'title', - type: 'string', - default: '', - description: 'Title of the alert', - }, - { - displayName: 'Description', - name: 'description', - type: 'string', - default: '', - description: 'Description of the alert', - }, - { - displayName: 'Severity', - name: 'severity', - type: 'options', - default: 2, - options: [ - { - name: 'Low', - value: 1, - }, - { - name: 'Medium', - value: 2, - }, - { - name: 'High', - value: 3, - }, - ], - description: 'Severity of the case. Default=Medium.', - }, - { - displayName: 'Date', - name: 'date', - type: 'dateTime', - default: '', - description: 'Date and time when the alert was raised default=now', - }, - { - displayName: 'Tags', - name: 'tags', - type: 'string', - placeholder: 'tag1,tag2,...', - default: '', - }, - { - displayName: 'TLP', - name: 'tlp', - type: 'options', - default: 2, - options: [ - { - name: 'White', - value: TLP.white, - }, - { - name: 'Green', - value: TLP.green, - }, - { - name: 'Amber', - value: TLP.amber, - }, { - name: 'Red', - value: TLP.red, - }, - ], - description: 'Traffict Light Protocol (TLP). Default=Amber.', - }, - { - displayName: 'Status', - name: 'status', - type: 'options', - default: 'New', - options: [ - { - name: 'New', - value: 'New', - }, - { - name: 'Updated', - value: 'Updated', - }, - { - name: 'Ignored', - value: 'Ignored', - }, - { - name: 'Imported', - value: 'Imported', - }, - ], - description: 'Status of the alert. 
Default=New.', - }, - { - displayName: 'Type', - name: 'type', - type: 'string', - default: '', - description: 'Type of the alert', - }, - { - displayName: 'Source', - name: 'source', - type: 'string', - default: '', - description: 'Source of the alert', - }, - { - displayName: 'SourceRef', - name: 'sourceRef', - type: 'string', - default: '', - description: 'Source reference of the alert', - }, - { - displayName: 'Follow', - name: 'follow', - type: 'boolean', - default: false, - }, { displayName: 'Artifacts', name: 'artifacts', @@ -385,6 +260,32 @@ export const responderFields: INodeProperties[] = [ displayName: 'Artifact', name: 'artifactValues', values: [ + { + displayName: 'Binary Property', + name: 'binaryProperty', + type: 'string', + displayOptions: { + show: { + dataType: [ + 'file', + ], + }, + }, + default: 'data', + }, + { + displayName: 'Data', + name: 'data', + type: 'string', + displayOptions: { + hide: { + dataType: [ + 'file', + ], + }, + }, + default: '', + }, { displayName: 'Data Type', name: 'dataType', @@ -449,32 +350,6 @@ export const responderFields: INodeProperties[] = [ }, ], }, - { - displayName: 'Data', - name: 'data', - type: 'string', - displayOptions: { - hide: { - dataType: [ - 'file', - ], - }, - }, - default: '', - }, - { - displayName: 'Binary Property', - name: 'binaryProperty', - type: 'string', - displayOptions: { - show: { - dataType: [ - 'file', - ], - }, - }, - default: 'data', - }, { displayName: 'Message', name: 'message', 
@@ -491,6 +366,132 @@ export const responderFields: INodeProperties[] = [ }, ], }, + { + displayName: 'Date', + name: 'date', + type: 'dateTime', + default: '', + description: 'Date and time when the alert was raised default=now', + }, + { + displayName: 'Description', + name: 'description', + type: 'string', + default: '', + description: 'Description of the alert', + }, + { + displayName: 'Follow', + name: 'follow', + type: 'boolean', + default: false, + }, + { + displayName: 'Severity', + name: 'severity', + type: 'options', + default: 2, + options: [ + { + name: 'Low', + value: 1, + }, + { + name: 'Medium', + value: 2, + }, + { + name: 'High', + value: 3, + }, + ], + description: 'Severity of the case. Default=Medium.', + }, + { + displayName: 'Source', + name: 'source', + type: 'string', + default: '', + description: 'Source of the alert', + }, + { + displayName: 'SourceRef', + name: 'sourceRef', + type: 'string', + default: '', + description: 'Source reference of the alert', + }, + { + displayName: 'Status', + name: 'status', + type: 'options', + default: 'New', + options: [ + { + name: 'New', + value: 'New', + }, + { + name: 'Updated', + value: 'Updated', + }, + { + name: 'Ignored', + value: 'Ignored', + }, + { + name: 'Imported', + value: 'Imported', + }, + ], + description: 'Status of the alert. Default=New.', + }, + { + displayName: 'Tags', + name: 'tags', + type: 'string', + placeholder: 'tag1,tag2,...', + default: '', + }, + { + displayName: 'Title', + name: 'title', + type: 'string', + default: '', + description: 'Title of the alert', + }, + { + displayName: 'TLP', + name: 'tlp', + type: 'options', + default: 2, + options: [ + { + name: 'White', + value: TLP.white, + }, + { + name: 'Green', + value: TLP.green, + }, + { + name: 'Amber', + value: TLP.amber, + }, + { + name: 'Red', + value: TLP.red, + }, + ], + description: 'Traffic Light Protocol (TLP). 
Default=Amber.', + }, + { + displayName: 'Type', + name: 'type', + type: 'string', + default: '', + description: 'Type of the alert', + }, ], }, ], @@ -536,6 +537,33 @@ export const responderFields: INodeProperties[] = [ displayName: 'Observable Attributes', name: 'values', values: [ + { + displayName: 'Binary Property', + name: 'binaryPropertyName', + type: 'string', + default: 'data', + displayOptions: { + show: { + dataType: [ + 'file', + ], + }, + }, + description: 'Name of the binary property which contains the attachement data', + }, + { + displayName: 'Data', + name: 'data', + type: 'string', + default: '', + displayOptions: { + hide: { + dataType: [ + 'file', + ], + }, + }, + }, { displayName: 'DataType', name: 'dataType', @@ -601,31 +629,11 @@ export const responderFields: INodeProperties[] = [ ], }, { - displayName: 'Data', - name: 'data', - type: 'string', - default: '', - displayOptions: { - hide: { - dataType: [ - 'file', - ], - }, - }, - }, - { - displayName: 'Binary Property', - name: 'binaryPropertyName', - type: 'string', - default: 'data', - displayOptions: { - show: { - dataType: [ - 'file', - ], - }, - }, - description: 'Name of the binary property which contains the attachement data', + displayName: 'IOC', + name: 'ioc', + type: 'boolean', + default: false, + description: 'Whether the observable is an IOC (Indicator of compromise)', }, { displayName: 'Message', @@ -640,6 +648,23 @@ export const responderFields: INodeProperties[] = [ default: '', description: 'Date and time of the begin of the case default=now', }, + { + displayName: 'Status', + name: 'status', + type: 'options', + default: '', + options: [ + { + name: 'Ok', + value: 'Ok', + }, + { + name: 'Deleted', + value: 'Deleted', + }, + ], + description: 'Status of the observable (Ok or Deleted) default=Ok', + }, { displayName: 'TLP', name: 'tlp', 
@@ -662,31 +687,7 @@ export const responderFields: INodeProperties[] = [
 value: TLP.red,
 },
 ],
- description: 'Traffict Light Protocol (TLP). Default=Amber.',
- },
- {
- displayName: 'IOC',
- name: 'ioc',
- type: 'boolean',
- default: false,
- description: 'Whether the observable is an IOC (Indicator of compromise)',
- },
- {
- displayName: 'Status',
- name: 'status',
- type: 'options',
- default: '',
- options: [
- {
- name: 'Ok',
- value: 'Ok',
- },
- {
- name: 'Deleted',
- value: 'Deleted',
- },
- ],
- description: 'Status of the observable (Ok or Deleted) default=Ok',
+ description: 'Traffic Light Protocol (TLP). Default=Amber.',
 },
 ],
 },