Ivanti Security Controls
App Vendor: Ivanti
App Category: Network Security, Vulnerability Management, Data Enrichment & Threat Intelligence
Connector Version: 1.0.0
API Version: 2021.2.1
About App
Ivanti Security Controls is an automated patching solution which works across physical and virtual Windows and Red Hat Enterprise Linux servers, in addition to workstations. The Ivanti Security Controls application discovers online and offline workstations and servers, scans for missing patches, and deploys them where needed. The impact on workloads is minimized by the agentless technology for Windows systems, while optional agent policies can also be applied for improved flexibility and patch accuracy.
The Ivanti Security Controls app is configured with the Orchestrate application to perform the following actions:
Action Name | Description |
|---|---|
Query Agents | This action queries available agents on the Ivanti Security Controls application. |
Query Machine Groups | This action queries machine groups on the Ivanti Security Controls application. |
Query Patch Deployments | This action queries the patch deployments on the Ivanti Security Controls application. |
Query Patch Deployment Templates | This action queries the patch deployment templates on the Ivanti Controls application. |
Start Patch Deployment | This action starts a patch deployment on the Ivanti Security Controls application. |
Get Patch Deployment Details | This action retrieves the details for patch deployment from the Ivanti Security Controls application. |
Query Patch Scans | This action queries patch scans from the Ivanti Security Controls application. |
Query Patch Scan Templates | This action queries patch scan templates from the Ivanti Security Controls application. |
Start Patch Scan | This action starts a patch scan from the Ivanti Security Controls application. |
Get Patch Scan Details | This action retrieves the patch scan details from the Ivanti Security Controls application. |
Get Machine Info For Patch Scan | This action retrieves machine info for patch scan from the Ivanti Security Controls application. |
Query Patches | This action queries patches from the Ivanti Security Controls application. |
Get Patch Details | This action retrieves the patch details from the Ivanti Security Controls application. |
Query Patch Groups | This action queries the patch groups from the Ivanti Security Controls application. |
Get Patch Group Details | This action retrieves the patch group details from the Ivanti Security Controls application. |
Get Patches From Group | This action retrieves the patches from the group on the Ivanti Security Controls application. |
Update Patch Group | This action updates a patch group on the Ivanti Security Controls application. |
Add Vulnerabilities To Patch Group | This action adds vulnerabilities to the patch group on the Ivanti Security Controls application. |
Import CVEs Into Patch Group | This action imports Common Vulnerabilities and Exposures (CVE) into the patch group on the Ivanti Security Controls application. |
Configuration Parameters
The following configuration parameters are required for the Ivanti Security Controls app to communicate with the Ivanti Security Controls enterprise application. The parameters can be configured by creating instances in the app.
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Username | Enter the username to authenticate the Ivanti Security Controls application. Example: "Sample username" | Text | Required | |
Password | Enter the password to authenticate the Ivanti Security Controls application. "Sample password" | Password | Required | |
Host address | Enter the Host URL, FQDN, or IP address of the SMS server. Example: "https://isec-instance.corp.tld" | Text | Required |
Action: Query Agents
This action queries the available agents on the Ivanti Security Controls application.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Name | Enter the host or DNS name for the agent. Example: "device-name.domain.com" | Text | Optional | |
Listening | Enter the value to retrieve the list of agents that are configured as listening agents. Example: True | Boolean | Optional | Allowed values:
|
Count | Enter the number of agents to return. Example: 8 | Integer | Optional | Maximum Allowed value: 1000 Default value: 10 |
Start | Enter the starting index for the pagination. Example: 2 | Integer | Optional | Default value: 0 |
Example Request
[
{
"name":"device-name.domain.com",
"listening":true,
"count":8,
"start":2
}
]Action: Query Machine Groups
This action queries machine groups on the Ivanti Security Controls application.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Name | Enter the host or DNS name for the agent. Example: "device-name.domain.com" | Text | Optional | |
Path | Enter the machine groups that match this path. Example: "/my machine groups" | Text | Optional | |
Count | Enter the number of agents to return. Example: 8 | Integer | Optional | <span>Maximum Allowed value: 1000</span><span>Default value: 10</span> |
Start | Enter the starting index for the pagination. Example: 2 | Integer | Optional | Default value: 0 |
Example Request
[
{
"name":"device-name.domain.com",
"path":"/my machine groups",
"count":8,
"start":2
}
]Action: Query Patch Deployments
This action queries the patch deployments on the Ivanti Security Controls application.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Name | Enter the host or DNS name for the agent. Example: "Sample Name" | Text | Optional | |
On or after | Enter the results that are required on or after this timestamp. Example: "2018-01-12t20:35:48.89z" | Text | Optional | |
On or before | Enter the results that are required on or before this timestamp. Example: "2018-01-12t20:35:48.89z" | Text | Optional | |
Start | Enter the start position for the pagination. Example: 8 | Integer | Optional | Default value: 0 |
Count | Enter the number of results to return. Example: 12 | Integer | Optional | Maximum allowed results: 1000 Default value: 10 |
Example Request
[
{
"name":"Sample Name",
"on_or_after":"2018-01-12t20:35:48.89z",
"on_or_before":"2018-01-12t20:35:48.89z",
"start":8,
"count":12
}
]Action: Query Patch Deployment Templates
This action queries the patch deployment templates on the Ivanti Controls application.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Name | Enter the name of the patch deployment template to query. Example: "Sample Name" | Text | Optional | |
Path | Enter the path to query. Example: "/my patch deployments" | Text | Optional | |
On or after | Enter the time to return results on or after this timestamp. Example: "2018-01-12t20:35:48.89z" | Text | Optional | |
On or before | Enter the time to return results on or before this timestamp. Example: "2018-01-12t20:35:48.89z" | Text | Optional | |
Start | Specify the start position for the pagination. Example: 8 | Integer | Optional | Default value: 0 |
Count | Specify the number of results to return. Example: 12 | Integer | Optional | Maximum allowed value: 1000 Default value: 10 |
Example Request
[
{
"name":"Sample Name",
"on_or_after":"2018-01-12t20:35:48.89z",
"on_or_before":"2018-01-12t20:35:48.89z",
"start":8,
"count":12
}
]Action: Start Patch Deployment
This action starts a patch scan from the Ivanti Security Controls application.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Scan ID | Enter the Scan ID to identify the missing patches and target machines. Example: "32169cbc-dc24-4d5a-acfa-a451c0ef54af" | Text | Required | |
Template ID | Enter the template ID of the deployment template used for this deployment. Example: "7b5bc7e4-7437-47ac-ae2e-569ffdb0ccf8" | Text | Required | |
Deploy what | Enter the value deployed as a patch. Example: "allmissingpatchesformachine" | Text | Optional | Allowed values:
Default value: allmissingpatchesforscan |
Error policy | Enter the action to perform if an error occurs. Example: "throw" | Text | Optional | Allowed values:
Default value: throw |
Machines | Enter the machines that need to be included for the deployment. Example: $LIST[MyDomainName] | List | Optional | This parameter is used based on what is specified for the deploy what parameter. |
Example Request
[
{
"scanId":"8bce9fdd-0cf8-40b0-8ecc-b0914a9c831a",
"templateId":"7b5bc7e4-7437-47ac-ae2e-569ffdb0ccf8",
"deployWhat":"AllMissingPatchesForMachine",
"machines":[
"MyDomainName"
]
}
]Action: Get Patch Deployment Details
This action retrieves the details for patch deployment from the Ivanti Security Controls application.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Deployment ID | Enter the deployment ID to get the details. Example: "2324f040-9eba-43be-b5fe-a4250fa54bd3" | Text | Required |
Example Request
[
{
"deployment_id": "2324f040-9eba-43be-b5fe-a4250fa54bd3"
}
]Action: Query Patch Scans
This action queries patch scans from the Ivanti Security Controls application.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Name | Enter the name for the patch scan. Example: "Sample Name" | Text | Optional | |
On or after | Specify the time to return results on or after this timestamp. Example: "2018-01-12t20:35:48.89z" | Text | Optional | |
On or before | Enter the time to return results on or before this timestamp. Example: "2018-01-12t20:35:48.89z" | Text | Optional | |
Start | Enter the start position for the pagination. Example: 3 | Integer | Optional | Default value: 0 |
Count | Enter the number of results to return. Example: 8 | Integer | Optional | Maximum allowed results: 1000 Default value: 0 |
Example Request
[
{
"name": "Sample Name",
"on_or_after": "2018-01-12t20:35:48.89z",
"on_or_before": "2018-01-12t20:35:48.89z",
"start": 8,
"count": 12
}
]Action: Query Patch Scan Templates
This action queries patch scan templates from the Ivanti Security Controls application.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Name | Enter the name to match the patch scan template. Example: "Sample Name" | Text | Optional | |
Path | Enter the paths to return the results. Example: "/my templates" | Text | Optional | |
Start | Enter the starting index for the pagination. Example: 2 | Integer | Optional | Default value: 0 |
Count | Enter the number of results to return. Example: 8 | Integer | Optional | Maximum allowed results: 1000 Default value: 10 |
Example Request
[
{
"name":"Sample Name",
"on_or_after":"2018-01-12t20:35:48.89z",
"on_or_before":"2018-01-12t20:35:48.89z",
"start":8,
"count":12
}
]Action: Start Patch Scan
This action starts a patch scan from the Ivanti Security Controls application.
Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Name | Enter the name of the patch scan to query. Example: "Sample Name" | Text | Required | |
Template ID | Enter the patch scan template ID. Example: "4c7069eb-6e1c-4352-91fc-04d4d8abc07b" | Text | Required | |
Connection method | Enter the method to connect to the machines that are scanned. Example: "ipaddress" | Text | Optional | Note: This parameter is used only if an endpoint name is specified using the 'endpointnames' parameter. Allowed values:
|
Diagnostic trace enabled | Enter if you want to enable diagnostics tracing during the scan. Example: True | Boolean | Optional | Allowed values:
Default value: False |
Endpoint names | Enter the endpoint names. Example: $LIST[windows-machine] | List | Optional | |
Machine group ids | Enter the list of machine groups to scan. Example: $LIST[samplemachine] | List | Optional | |
Use machine credential | Enter if you want to use machine credentials. Example: "sample credentials" | Text | Optional | This parameter is only used if an endpoint name is specified using the Endpoint Names parameter. |
Example Request
[
{
"name":"Sample Name",
"template_id":"4c7069eb-6e1c-4352-91fc-04d4d8abc07b",
"connection_method":"IPAddress",
"diagnostic_trace_enabled":true,
"endpoint_names":[
"windows-machine"
],
"machine_group_ids":[
"sample machine"
],
"use_machine_credential":"sample credentials"
}
]Action: Get Patch Scan Details
This action retrieves the patch scan details from the Ivanti Security Controls application.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Patch scan ID | Enter the patch scan ID to get the details. Example: "0cf58dc6-13ff-4910-924e-5c7d3e2ae2ad" | Text | Required |
Example Request
[
{
"patch_scan_id": "0cf58dc6-13ff-4910-924e-5c7d3e2ae2ad"
}
]Action: Get Machine Info For Patch Scan
This action retrieves machine info for patch scan from the Ivanti Security Controls application.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Patch scan ID | Enter the patch scan ID to get the machine info. Example: "0cf58dc6-13ff-4910-924e-5c7d3e2ae2ad" | Text | Required |
Example Request
[
{
"patch_scan_id": "0cf58dc6-13ff-4910-924e-5c7d3e2ae2ad"
}
]Action: Query Patches
This action queries patches from the Ivanti Security Controls application.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Bulletin IDs | Enter the bulletin IDs. Example: $list[mswu-065] | List | Optional | |
CVEs | Enter the CVE IDs. Example: $list[cve-2021-26423] | List | Optional | |
Error policy | Enter the value to show an error when encountering an invalid ID. Example: "throw" | Text | Optional | Allowed values:
Default value: omit |
KBs | Enter the list of KB IDs as comma separated list. Example: list$[q319740] | List | Optional | |
Count | Enter the number of results to return. Example: 12 | Integer | Optional | Maximum allowed value: 1000 Default value: 10 |
Start | Enter the starting index for the pagination. Example: 2 | Integer | Optional | Default value: 0 |
Example Request
[
{
"bulletin_ids":[
"MSWU-065"
],
"cves":[
"CVE-2021-26423"
],
"error_policy":"throw",
"kbs":[
"Q319740"
],
"count":12,
"start":2
}
]Action: Get Patch Details
This action retrieves the patch details from the Ivanti Security Controls application.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Patch ID | Enter the patch ID to get the details. Example: 6101 | Integer | Required |
Example Request
[
{
"patch_id": 6101
}
]Action: Query Patch Groups
This action queries the patch groups from the Ivanti Security Controls application.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Name | Enter the name of the patch group. Example: "Sample Name" | Text | Optional | |
Path | Enter the path to return results. Example: "/my patch groups" | Text | Optional | |
Count | Enter the number of results to return. Example: 12 | Integer | Optional | Maximum allowed value: 1000 Default value: 10 |
Start | Enter the starting index for the pagination. Example: 2 | Integer | Optional | Default value: 0 |
Example Request
[
{
"name": "Sample Name",
"path": "/my patch groups",
"count": 12,
"start": 2
}
]Action: Get Patch Group Details
This action retrieves the patch group details from the Ivanti Security Controls application.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Patch group ID | Enter the patch group name to get the details. Example: 3 | Integer | Required |
Example Request
[
{
"patch_group_id": 3
}
]Action: Get Patches From Group
This action retrieves the patches from the group on the Ivanti Security Controls application.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Patch group IDs | Enter the patch group ID to get patches from the group. Example: 12 | Integer | Required |
Example Request
[
{
"patch_group_id": 12
}
]Action: Update Patch Group
This action updates a patch group on the Ivanti Security Controls application.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Patch group ID | Enter the patch group ID to update. Example: 1 | Integer | Required | |
Name | Enter the patch group name. Example: "Sample Name" | Text | Required | |
Path | Enter the path to the location of the patch group within the patch templates and groups list in the navigation pane. Example: "lab/servers" | Text | Optional |
Example Request
[
{
"patch_group_id": 1,
"name": "Sample Name",
"path": "lab/servers"
}
]Action: Add Vulnerabilities To Patch Group
This action adds vulnerabilities to the patch group on the Ivanti Security Controls application.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Patch group ID | Enter the patch group ID to add vulnerabilities to the patch group. Example: 1 | Integer | Required | |
Vulnerability IDs | Enter the list of vulnerability IDs. Example: $LIST[123245] | List | Required | |
Ignore bad IDs | Enter if you want to ignore invalid IDs. Example: True | Boolean | Optional | Default value: False |
Example Request
[
{
"patch_group_id":1,
"vuln_ids":[
"123245"
],
"ignore_bad_ids":true
}
]Action: Import CVEs Into Patch Group
This action imports CVEs into the patch group on the Ivanti Security Controls application.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Patch group ID | Enter the patch group ID to import. Example: 1 | Integer | Required | |
CVE list | Enter the list of CVEs. Example: $LIST[cve-2019-0701] | List | Required | |
Error policy | Enter the error policy for bad CVE IDs. Example: "throw" | Text | Required | Allowed values:
Default value: throw |
Example Request
[
{
"patch_group_id":1,
"cves":[
"CVE-2019-0701"
],
"error_policy":"throw"
}
]