Merge pull request #46 from JupiterOne/INT-11348-ingest-sources

Int 11348 ingest sources

src/constants.ts

@@ -14,6 +14,13 @@ import {
   VULNERABILITY_ENTITY,
 } from './entities';
 
+export const INGESTION_SOURCE_IDS = {
+  USERS: 'users',
+  MACHINES: 'machines',
+  LOGON_USERS: 'logon_users',
+  VULNERABILITIES: 'vulnerabilities',
+};
+
 export const Steps: Record<
   | 'FETCH_ACCOUNT'
   | 'FETCH_MACHINES'

src/ingestionConfig.ts

@@ -0,0 +1,23 @@
+import { IntegrationIngestionConfigFieldMap } from '@jupiterone/integration-sdk-core';
+import { INGESTION_SOURCE_IDS } from './constants';
+
+export const ingestionConfig: IntegrationIngestionConfigFieldMap = {
+  [INGESTION_SOURCE_IDS.USERS]: {
+    title: 'Users',
+    description: 'Fetch User data',
+  },
+  [INGESTION_SOURCE_IDS.MACHINES]: {
+    title: 'Machines',
+    description: 'Fetch information about machines and endpoints',
+  },
+  [INGESTION_SOURCE_IDS.LOGON_USERS]: {
+    title: 'Logon Users',
+    description:
+      'Gather a collection of logged on users on a specific device and links it to existing data',
+  },
+  [INGESTION_SOURCE_IDS.VULNERABILITIES]: {
+    title: 'Vulnerabilities',
+    description:
+      'Retrieves a collection of discovered vulnerabilities and relates it to existing machines',
+  },
+};

src/steps/active-directory/index.ts

@@ -7,6 +7,7 @@ import { IntegrationConfig, IntegrationStepContext } from '../../config';
 import {
   ACCOUNT_ENTITY_KEY,
   Entities,
+  INGESTION_SOURCE_IDS,
   Relationships,
   Steps,
 } from '../../constants';
@@ -69,6 +70,7 @@ export const activeDirectorySteps: Step<
     entities: [Entities.USER],
     relationships: [Relationships.ACCOUNT_HAS_USER],
     dependsOn: [Steps.FETCH_ACCOUNT.id],
+    ingestionSourceId: INGESTION_SOURCE_IDS.USERS,
     executionHandler: fetchUsers,
   },
 ];

src/steps/ms-defender/logon-user/index.ts

@@ -5,7 +5,12 @@ import {
 } from '@jupiterone/integration-sdk-core';
 import { IntegrationConfig, IntegrationStepContext } from '../../../config';
 import { DefenderClient } from '../client';
-import { Entities, Relationships, Steps } from '../../../constants';
+import {
+  Entities,
+  INGESTION_SOURCE_IDS,
+  Relationships,
+  Steps,
+} from '../../../constants';
 import {
   createLogonUserEntity,
   createLogonUserEntityKey,
@@ -66,6 +71,7 @@ export const logonUserSteps: Step<
     entities: [Entities.LOGON_USER],
     relationships: [Relationships.MACHINE_HAS_LOGON_USER],
     dependsOn: [Steps.FETCH_MACHINES.id],
+    ingestionSourceId: INGESTION_SOURCE_IDS.LOGON_USERS,
     executionHandler: fetchLogonUsers,
   },
 ];

src/steps/ms-defender/machine/index.ts

@@ -9,6 +9,7 @@ import { DefenderClient } from '../client';
 import {
   ACCOUNT_ENTITY_KEY,
   Entities,
+  INGESTION_SOURCE_IDS,
   Relationships,
   Steps,
 } from '../../../constants';
@@ -109,6 +110,7 @@ export const machineSteps: Step<
     entities: [Entities.MACHINE],
     relationships: [Relationships.ACCOUNT_HAS_MACHINE],
     dependsOn: [Steps.FETCH_ACCOUNT.id],
+    ingestionSourceId: INGESTION_SOURCE_IDS.MACHINES,
     executionHandler: fetchMachines,
   },
   {

src/steps/ms-defender/vulnerabilities/index.ts

@@ -9,6 +9,7 @@ import { Vulnerability, Machine } from '../../../types';
 import { DefenderClient } from '../client';
 import {
   Entities,
+  INGESTION_SOURCE_IDS,
   MappedRelationships,
   Relationships,
   Steps,
@@ -90,6 +91,7 @@ export const vulnerabilitiesSteps: Step<
     entities: [Entities.VULNERABILITY],
     relationships: [Relationships.MACHINE_IDENTIFIED_VULNERABILITY],
     dependsOn: [Steps.FETCH_MACHINES.id],
+    ingestionSourceId: INGESTION_SOURCE_IDS.VULNERABILITIES,
     executionHandler: fetchFindings,
   },
   {