Skip to main content

Cyware Orchestrate

Airlock

App Vendor: Airlock

App Category: Endpoint Security

Connector Version: 1.0.0

API Version: 1.0.0

About App

Airlock Secure Access Hub provides reliable IT security, seamless user experience, cost efficiency, compliance, and scalability in a single solution.

Airlock app is configured with Orchestrate to perform the following actions:

Action Name

Description

Fetch Execution History

This action retrieves the execution history.

Query Agent Hosts

This action retrieves a list of computers and their details.

Query Hash

This action retrieves details about a SHA256 hash.

Configuration Parameters

The following configuration parameters are required for the Airlock app to communicate with the Airlock enterprise application. The parameters can be configured by creating instances in the app.

Parameter

Description

Field Type

Required/Optional

Comments

Base URL

Enter the base URL of Airlock instance.

Example:

"https://airlock.server"

Text

Required

Port

Enter the port used to connect to Airlock instance.

Integer

Optional

Default value:

3129

API Key

Enter the API key used to connect to Airlock instance.

Example: "46f308e12484b885b35da64f3aa673d0455104fddbea08561010e7e1089cb001e75b7ce5cfab83"

Password

Optional

Verify SSL

Choose to verify SSL certificates.

Example:

true

Boolean

Optional

Default value:

true

Allowed values:

  • true

  • false

Action: Fetch Execution History

This action retrieves the execution history.

Action Input Parameters

Parameter

Description

Field Type

Required/Optional

Comments

Date from

Enter the date from in yyyy-mm-dd format.

Example:

2021-10-1

Text

Required

Date to

Enter the date to in yyyy-mm-dd format.

Example:

2021-12-1

Text

Required

Limit

Enter the maximum number of results to be displayed.

Example:

20

Integer

Optional

Default value:50

Additional Query Parameters

Enter the additional query parameters to filter the search results.

For more information on additional query parameters of this action, see Airlock API document.

Key Value

Optional

Allowed keys:

  • Category

  • Hostname

  • Username

  • Domain (or group)

  • File Name

  • Parent Policy Name

  • Policy Name

  • Policy Version

  • Commandline

  • Publisher

  • Parent Process

  • SHA256

  • Contains

Example Request 

[
 {
    "date_from": "2021-10-1",
    "date_to": "2021-12-1",
    "limit": 20
  }
]
Action: Query Agent Hosts

This action returns a list of computers and their details within the Airlock.

Action Input Parameters

Parameter

Description

Field Type

Required/Optional

Comments

Query Params

Enter the query parameters to filter search results. For more information about supported query params of this action, see Airlock API document.

Key Value

Required

Allowed Keys:

  • Target Agent ID

  • Hostname of PC

  • Username last logged in to PC

  • Domain Name

  • Group ID in Airlock

  • IP Address of PC

  • Operating System Name

  • Status (Offline, Online, or Safemode)

Action: Query Hash

This action retrieves details about a SHA256 hash.

Action Input Parameters

Parameter

Description

Field Type

Required/Optional

Comments

Lookup Hash

Enter the SHA256 hash to lookup.

Example: "ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad"

Text

Required

Example Request 

[
 {
    "lookup_hash": "ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad"
  }
]