Skip to content

Commit

Permalink
Workday Sign on Event Collector (#28832)
Browse files Browse the repository at this point in the history
  • Loading branch information
@amshamah419 @moishce
amshamah419 authored and moishce committed Sep 14, 2023
1 parent 1bef282 commit 411a26d
Show file tree
Hide file tree
Showing 21 changed files with 2,015 additions and 7 deletions.
8 changes: 8 additions & 0 deletions Packs/Workday/.pack-ignore
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,12 @@ ignore=IM111
[file:WorkdayEventCollector_image.png]
ignore=IM111

[file:WorkdaySignOnEventCollector_image.png]
ignore=IM111

[file:WorkdaySignonEventGenerator_image.png]
ignore=IM111

[file:WorkdayIAMEventsGenerator_image.png]
ignore=IM111

Expand All @@ -19,3 +25,5 @@ ignore=BA124
[file:WorkdayEventCollector.yml]
ignore=MR108

[known_words]
signon
49 changes: 49 additions & 0 deletions Packs/Workday/Integrations/WorkdaySignOnEventCollector/README.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,49 @@
Use the Workday Sign On Event Collector integration to get sign on logs from Workday.
This integration was integrated and tested with version v37.0 of Workday Sign On Event Collector.

## Configure Workday Sign On Event Collector on Cortex XSOAR

1. Navigate to **Settings** > **Integrations** > **Servers & Services**.
2. Search for Workday Sign On Event Collector.
3. Click **Add instance** to create and configure a new integration instance.

| **Parameter** | **Description** | **Required** |
---------------------------------------------------| --- | --- | --- |
| Server URL (e.g., https://services1.myworkday.com) | API Endpoint of Workday server. Can be obtained from View API Clients report in Workday application. | True |
| Tenant Name | The name of the Workday Tenant. Can be obtained from View API Clients report in Workday application. | True |
| Username | | True |
| Password | | True |
| Trust any certificate (not secure) | | False |
| Use system proxy settings | | False |
| Max events per fetch | The maximum number of sign on events to retrieve. Large amount of events may cause performance issues. | False |
| Events Fetch Interval | | False |

4. Click **Test** to validate the URLs, token, and connection.

## Commands

You can execute these commands from the Cortex XSIAM CLI, as part of an automation, or in a playbook.
After you successfully execute a command, a DBot message appears in the War Room with the command details.

### workday-get-sign-on-events

***
Returns sign on events extracted from Workday. This command is used for developing/debugging and is to be used with caution, as it can create events, leading to events duplication and exceeding the API request limitation.

#### Base Command

`workday-get-sign-on-events`

#### Input

| **Argument Name** | **Description** | **Required** |
|--------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------|
| should_push_events | Set this argument to True in order to create events, otherwise the command will only display them. Possible values are: True, False. Default is False. | Required |
| limit | The maximum number of events to return. Default is 1000. | Optional |
| from_date | The date and time of the earliest event. The default timezone is UTC/GMT. The time format is "{yyyy}-{mm}-{dd}T{hh}:{mm}:{ss}Z". Example: "2021-05-18T13:45:14Z" indicates May 18, 2021, 1:45PM UTC. | Optional |
| to_date | The time format is "{yyyy}-{mm}-{dd}T{hh}:{mm}:{ss}Z". Example: "2021-05-18T13:45:14Z" indicates May 18, 2021, 1:45PM UTC. | Optional |
| relative_from_date | The query from date, for example, "5 minutes". Be advised, it is strongly suggested to keep this parameter limited in time. | Optional |

#### Context Output

There is no context output for this command.
Loading

0 comments on commit 411a26d

Please sign in to comment.