IBM Resilient connector and action

edit

IBM Resilient connector and action

edit

The IBM Resilient connector uses the RESILIENT REST v2 to create IBM Resilient incidents.

Create connectors in Kibana

edit

You can create connectors in Stack Management > Connectors or as needed when you’re creating a rule. For example:

IBM Resilient connector
Connector configuration
edit

IBM Resilient connectors have the following configuration properties:

Name
The name of the connector.
URL
IBM Resilient instance URL.
Organization ID
IBM Resilient organization ID.
API key ID
The authentication key ID for HTTP Basic authentication.
API key secret
The authentication key secret for HTTP Basic authentication.

Create preconfigured connectors

edit

If you are running Kibana on-prem, you can define connectors by adding xpack.actions.preconfigured settings to your kibana.yml file. For example:

xpack.actions.preconfigured:
  my-resilient:
    name: preconfigured-resilient-connector-type
    actionTypeId: .resilient
    config:
      apiUrl: https://elastic.resilient.net
      orgId: ES
    secrets:
      apiKeyId: testuser
      apiKeySecret: tokenkeystorevalue

Config defines information for the connector type.

apiUrl
An address that corresponds to URL.
orgId
An ID that corresponds to Organization ID.

Secrets defines sensitive information for the connector type.

apiKeyId
A string that corresponds to API key ID.
apiKeySecret
A string that corresponds to API Key secret. Should be stored in the Kibana keystore.

Test connectors

edit

You can test connectors with the run connector API or as you’re creating or editing the connector in Kibana. For example:

IBM Resilient params test

IBM Resilient actions have the following configuration properties.

Incident types
The type of the incident.
Severity code
The severity of the incident.
Name
A name for the issue, used for searching the contents of the knowledge base.
Description
The details about the incident.
Additional comments
Additional information for the client, such as how to troubleshoot the issue.

Connector networking configuration

edit

Use the Action configuration settings to customize connector networking configurations, such as proxies, certificates, or TLS settings. You can set configurations that apply to all your connectors or use xpack.actions.customHostSettings to set per-host configurations.

Configure IBM Resilient

edit

IBM Resilient offers Instances, which you can use to test incidents.