Admin Guide

Synapse-Cybersixgill Admin Guide

Configuration

Synapse-Cybersixgill requires a Cybersixgill API key. For information on how to generate credentials, please visit the Cybersixgill developer portal.

Setting API key for global use

To set-up a global API key:

> cybersixgill.setup.apikey myclientid myclientsecret
Setting Cybersixgill client id and secret for all users.

Using per-user API keys

A user may set-up their own API key:

> cybersixgill.setup.apikey --self myclientid myclientsecret
Setting Cybersixgill client id and secret for the current user.

Dependencies

Synapse-Cybersixgill does not have any dependencies.

Permissions

Package (synapse-cybersixgill) defines the following permissions:
power-ups.cybersixgill.user      : Controls user access to Synapse-Cybersixgill. ( default: false )

You may add rules to users/roles directly from storm:

> auth.user.addrule visi power-ups.cybersixgill.user
Added rule power-ups.cybersixgill.user to user visi.

or:

> auth.role.addrule ninjas power-ups.cybersixgill.user
Added rule power-ups.cybersixgill.user to role ninjas.

Exported APIs

Synapse-Cybersixgill does not currently export any APIs.

Workflows

Synapse-Cybersixgill provides the following workflows in Optic:

Title: Configuration
Title: Credentials Leaks
Title: Intel Items

Node Actions

Synapse-Cybersixgill provides the following node actions in Optic:

Name : iocs
Desc : Search for IOCs using Synapse-Cybersixgill
Forms: inet:fqdn, inet:ipv4, inet:url, hash:sha256, hash:sha1, hash:md5, file:bytes

Name : cve.enrich
Desc : Enrich CVEs with additional data from Synapse-Cybersixgill
Forms: it:sec:cve, risk:vuln

Onload Events

Synapse-Cybersixgill does not use any onload events.