SOAR Wiki

Table of Contents

• Release Notes

• Overview

  • Key Features

• Installation

  • Requirements

  • Install

  • App Configuration

• Function - Wiki Get Contents

• Function - Wiki Create or Update Page

• Function - Wiki Lookup

• Rules

• Troubleshooting & Support

---

Release Notes

Release Notes

Release History

Version	Date	Notes
1.0.1	6/2021	Incorrect bool to string value fix
1.0.0	11/2020	Initial Release

---

Overview

Perform operations against the Resilient wiki: create or update pages, read wiki contents and perform lookups of content.

Key Features

• Create or update a wiki page, including child pages

• Get the contents of a wiki page

• Lookup content in a specific page

---

Installation

Requirements

• Resilient platform >= v36.0.5634

• An App Host or an Integration Server:

  • To setup up an App Host see: ibm.biz/res-app-host-setup

  • An Integration Server running resilient_circuits>=30.0.0 on Python 3.6 (if using an Integration Server)

    • To set up an Integration Server see: ibm.biz/res-int-server-guide

    • If using an API key account, minimum required permissions are:

      Name	Permissions
      Org Data	Read
      Function	Read

• Proxy supported: n/a.

---

Install

• To install or uninstall an App using the App Host see ibm.biz/res-install-app

• To install or uninstall an Integration using the Integration Server see the ibm.biz/res-install-int

---

App Configuration

This app has no settings in app.config.

---

Function - Wiki Get Contents

Return the contents of a wiki page based on the page’s title or id. Optionally convert the results to JSON format (for string-encoded JSON data).

Inputs:

Name	Type	Required	Example	Tooltip
wiki_contents_as_json	boolean	No	-	-
wiki_path	text	Yes	parent/sub parent/target_wiki	Use slash between wiki pages

Outputs:

results = {
    # TODO: Copy and paste an example of the Function Output within this code block.
    # To view the output of a Function, run resilient-circuits in DEBUG mode and invoke the Function.
    # The Function results will be printed in the logs: "resilient-circuits run --loglevel=DEBUG"
}

Example Pre-Process Script:

None

Example Post-Process Script:

note = u"Page: '{}'".format(results.inputs.get('wiki_path'))
if results.content:
    note = u"{} contents:\n\n{}".format(note, results.content['text'])
    if results.content.get('json'):
        note = u"{} \nJSON contents:\n\n{}".format(note, results.content['json'])
else:
    note = u"{} not found".format(note)

incident.addNote(note)

---

Function - Wiki Create or Update Page

Create or update a wiki page in Resilient based on the page’s title or id. Optionally create a page as a child page.

Inputs:

Name	Type	Required	Example	Tooltip
wiki_body	text	Yes	-	-
wiki_create_if_missing	boolean	Yes	-	Specify ‘No’ to only update
wiki_path	text	Yes	parent/sub parent/target_wiki	Use slash between wiki pages

Outputs:

results = {
    # TODO: Copy and paste an example of the Function Output within this code block.
    # To view the output of a Function, run resilient-circuits in DEBUG mode and invoke the Function.
    # The Function results will be printed in the logs: "resilient-circuits run --loglevel=DEBUG"
}

Example Pre-Process Script:

None

Example Post-Process Script:

note = u"Page/Id: '{}'".format(results.inputs.get('wiki_path'))
if results.content:
    incident.addNote(u"{} created/updated\n\n{}".format(note, results.content['text']))

---

Function - Wiki Lookup

Search a wiki page based on a search term and return the matching lines. The search term can be a regular expression (regex) for generalized lookup.

Inputs:

Name	Type	Required	Example	Tooltip
wiki_search_term	text	No	-	text or regular expression format
wiki_path	text	Yes	parent/sub parent/target_wiki	Use slash between wiki pages

Outputs:

results = {
    # TODO: Copy and paste an example of the Function Output within this code block.
    # To view the output of a Function, run resilient-circuits in DEBUG mode and invoke the Function.
    # The Function results will be printed in the logs: "resilient-circuits run --loglevel=DEBUG"
}

Example Pre-Process Script:

None

Example Post-Process Script:

note = u"Page/Id: '{}'".format(results.inputs.get('wiki_path'))
if results.content:
    incident.addNote(u"{}\n\n{}".format(note, "\n".join(results.content)))
else:
    incident.addNote(u"{} not found".format(note))

---

Rules

Use the example rules and workflows to understand how to use the inputs and parse the resulting content. Design your own rules and workflows based on your business requirements.

Rule Name	Object	Workflow Triggered
Example: Wiki Get Contents	incident	example_wiki_get_contents
Example: Wiki Create Page	incident	example_wiki_create_page
Example: Wiki Lookup	incident	example_wiki_lookup

---

Troubleshooting & Support

If using the app with an App Host, see the Resilient System Administrator Guide and the App Host Deployment Guide for troubleshooting procedures. You can find these guides on the IBM Knowledge Center, where you can select which version of the Resilient platform you are using.

If using the app with an integration server, see the Integration Server Guide

For Support

This is a IBM Community Provided App. Please search the Community https://ibm.biz/resilientcommunity for assistance.