The following Source Adapters are available in SaltMiner:
- Fortify SSC
- WhiteSource
- Sonatype
- Black Duck
- Twistlock
- Burp
- Checkmarx
- WebInspect
- Qualys
- Snyk
- SonarQube
- Contrast
SourceAdapter Configuration
Source adapter settings are configured using a JSON file. Settings for a specific source adapter can be found by navigating using the menu on the right.
The settings which are common to all adapters are below.
LogNeedsUpdate: When set to true, this will add a log entry with the details of the source metric that is being updated due to changes from the API source.
Default: false
VerifySsl: When set to true, API requests will verify SSL certificates. Setting this to true is recommended in production; a warning is logged if it is not.
Default: true
LoadingDelay: Delay in milliseconds to wait for local queue operations to complete.
StillLoadingDelay: Delay in seconds to wait when no queue scans are ready but loading is not complete.
DataApiRetryCount: How many times a request should retry before reporting the error if a Data API call fails with a 5xx error.
SourceAbortErrorCount: Max errors allowed before aborting the processing of the source adapter.
QueueIssueBatchSize: How many issues to batch together when sending to the API.
QueueAssetBatchSize: How many assets to batch together when sending to the API.
QueueScanBatchSize: How many scans to batch together when sending to the API.
DisableRetire: If set to true, assets not found in the source will not be retired (true/false). This should be set to false.
DisableFirstLoad: If set to true, disables the First Load feature, which attempts to load from the server when local source metric data is missing. (true/false)
SourceMetricBatchSize: Batch size for processing bulk source metric updates.
TestingAssetLimit: This will limit the number of API records returned from the source API request. If set to zero, all data will be pulled and processed from the API.
Default: 0
IssueSeverityMap: Maps the source severity name to one of the SaltMiner severity names. Valid SaltMiner severity names are Critical, High, Medium, Low.
Example: "IssueSeverityMap": {"critical": "Critical", "high": "High", "medium": "Medium", "low": "Low"}
SendFailureDeleteDays: Any local queue scans that received an ‘error’ status when attempting to send and are older than this number (in days) will be qualified for deletion.
Example: If set to 7, failed local queue scans older than 7 days will be qualified for deletion.
Default: 7
SendFailureCount: This is the limit of failures/errors to determine when to reset or delete the failed queue scans.
Example: If the number is 3, any queue scans with an error status less than this number will be reset back to ‘loading’ status. Any queue scans with an error status greater than or equal to this number will be deleted.
Default: 3
CustomAssemblyType: Name to identify the custom assembly type. This is necessary as part of the process to load a custom assembly if applicable.
Default: “N/A”
CustomAssemblyName: Name to identify the custom assembly name. This is necessary as part of the process to load a custom assembly if applicable.
Default: “N/A”
HasCustomAssembly: If set to true, the sync process will load a custom assembly to perform additional data manipulations. (true/false)
Default: false
IsSaltminerSource: System setting (true/false) – should be set to true for all SaltMiner-provided sources. A licensing error may occur if this property is set incorrectly.
Default: true
SourceAssemblyType: Name to identify the source assembly.
Example: “Sonatype”
SourceType: Name to identify the source type.
Example: “Saltworks.Sonatype”
ConfigDirectory: This is the location path for each source adapter config file. This is required for the process to locate any of the config files to sync. Usually found in the root directory of the sync agent.
Default: “SourceConfigs”
ConfigFileName: Name to identify the config files. Helpful when there are multiple config files.
Example: “SonatypeConfig”
LastScanDaysPolicy: The number of days between scans allowed by policy.
Default: 60
EnableScannerIdNumberSequence: When set to true, a number sequence is appended to vulnerability scanner ids that are identical (not unique) as they are sent to queues. This makes the identical ids unique and allows the manager to process them as individual entries.
Default: false
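The common settings above include several whose non-default values weaken the data a source adapter delivers (VerifySsl, DisableRetire, TestingAssetLimit, IssueSeverityMap, and the custom assembly settings). The following check is an added example, not SaltMiner code: it lints one adapter config file against the rules stated on this page. It assumes the settings are flat top-level keys of the JSON file; the sample config and the function name `lint_adapter_config` are constructed for illustration.

```python
import json

VALID_SEVERITIES = {"Critical", "High", "Medium", "Low"}

# Constructed sample; a flat top-level key layout is an assumption.
SAMPLE_CONFIG = """{
  "SourceType": "Saltworks.Sonatype",
  "ConfigFileName": "SonatypeConfig",
  "VerifySsl": false,
  "DisableRetire": true,
  "TestingAssetLimit": 25,
  "HasCustomAssembly": true,
  "CustomAssemblyType": "N/A",
  "IssueSeverityMap": {"critical": "Critical", "high": "High",
                       "moderate": "Moderate", "low": "Low"}
}"""


def lint_adapter_config(text):
    """Return (setting, message) findings for one adapter config file."""
    cfg = json.loads(text)
    findings = []
    # VerifySsl defaults to true; anything else disables certificate checks.
    if cfg.get("VerifySsl", True) is not True:
        findings.append(("VerifySsl", "API certificate verification is off"))
    # The page says DisableRetire should be false.
    if cfg.get("DisableRetire") is True:
        findings.append(("DisableRetire", "missing assets are never retired"))
    # A non-zero limit truncates what is pulled from the source API.
    if cfg.get("TestingAssetLimit", 0) != 0:
        findings.append(("TestingAssetLimit", "source data is truncated"))
    # Every mapped severity must be one of the four valid names.
    for src, dst in cfg.get("IssueSeverityMap", {}).items():
        if dst not in VALID_SEVERITIES:
            findings.append(("IssueSeverityMap", f"{src!r} maps to invalid {dst!r}"))
    # Custom assembly loading needs both identifying names filled in.
    if cfg.get("HasCustomAssembly", False) is True:
        for key in ("CustomAssemblyType", "CustomAssemblyName"):
            if cfg.get(key, "N/A") == "N/A":
                findings.append((key, "required when HasCustomAssembly is true"))
    return findings


if __name__ == "__main__":
    for setting, message in lint_adapter_config(SAMPLE_CONFIG):
        print(f"{setting}: {message}")
```

Running it over every file in ConfigDirectory before a sync catches a test limit or disabled certificate verification left in a production config.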