Configure the Fortify on Demand Source Adapter:
The following should be done under the account svc-saltminer (using sudo su as shown below):
$ sudo su svc-saltminer
Edit the FOD configuration file and set the fields shown below:
$ nano /etc/saltworks/saltminer-2.5.0/Sources/Fod1.json
FOD Configuration Example Field Values:
"BaseUrl": "https://api.ams.fortify.com"* The client_id and client_secret are found in Fortify on Demand by going to the Administration menu and then Settings on the left and finally API. You will need to use, or create, an API Key which is the client_id attribute above. When you create an API key you are given a Secret Key, which is the client_secret attribute above. The role of the API key must be set to Security Lead. The GuiUrlTemplate is used in the creation of vulnerability documents and should match the BaseUrl setting.
"ClientId": "YourClientIDHere"
"ClientSecret": "YourClientSecretHere"
"GuiUrlTemplate": "https://ams.fortify.com/Releases/{avid}/Issues/{issueId}"
Test the Adapter Connections:
Once configured for Fortify SSC and/or FOD, run RunTestConnections.py from /usr/share/saltworks/saltminer-2.5.0. Be sure to change to the svc-saltminer user and export the environment variable for the configuration directory.
$ sudo su svc-saltminer $ export 'SALTMINER_2_CONFIG_PATH=/etc/saltworks/saltminer-2.5.0' $ cd /usr/share/saltworks/saltminer-2.5.0 $ python3 ./RunTestConnections.pyShould get the following result:
****************************
** Results:
** Elasticsearch: OK
** SSC: ???
** FOD: OK
****************************
Run the Source Adapters and the SaltMiner Manager:
To manually run the script to ingest all data from SSC, change to the below directory and run agentcron25.sh followed by managercron25.sh :
$ python3 RunDevToolsUtility.py install_script.dev_tools
$ cd /usr/share/saltworks/saltminer-3.0.0/
$ ./agentcron25.sh
$ ./managercron.sh
$ ./managercron.sh snapshot