Swimlane connector and action

edit

Swimlane connector and action

edit

The Swimlane connector uses the Swimlane REST API to create Swimlane records.

Create connectors in Kibana

edit

You can create connectors in Stack Management > Connectors or as needed when you’re creating a rule. For example:

Swimlane connector
Connector configuration
edit

Swimlane connectors have the following configuration properties:

Name
The name of the connector.
URL
Swimlane instance URL.
Application ID
Swimlane application ID.
API token
Swimlane API authentication token for HTTP Basic authentication.

Create preconfigured connectors

edit

If you are running Kibana on-prem, you can define connectors by adding xpack.actions.preconfigured settings to your kibana.yml file. For example:

xpack.actions.preconfigured:
  my-swimlane:
    name: preconfigured-swimlane-connector-type
    actionTypeId: .swimlane
    config:
      apiUrl: https://elastic.swimlaneurl.us
      appId: app-id
      mappings:
        alertIdConfig:
          fieldType: text
          id: agp4s
          key: alert-id
          name: Alert ID
        caseIdConfig:
          fieldType: text
          id: ae1mi
          key: case-id
          name: Case ID
        caseNameConfig:
          fieldType: text
          id: anxnr
          key: case-name
          name: Case Name
        commentsConfig:
          fieldType: comments
          id: au18d
          key: comments
          name: Comments
        descriptionConfig:
          fieldType: text
          id: ae1gd
          key: description
          name: Description
        ruleNameConfig:
          fieldType: text
          id: avfsl
          key: rule-name
          name: Rule Name
        severityConfig:
          fieldType: text
          id: a71ik
          key: severity
          name: severity
    secrets:
      apiToken: tokenkeystorevalue

Config defines information for the connector type.

apiUrl
An address that corresponds to URL.
appId
A key that corresponds to Application ID.

Secrets defines sensitive information for the connector type.

apiToken
A string that corresponds to API Token. Should be stored in the Kibana keystore.

Test connectors

edit

You can test connectors with the run connector API or as you’re creating or editing the connector in Kibana. For example:

Swimlane params test

Swimlane actions have the following configuration properties.

Comments
Additional information for the client, such as how to troubleshoot the issue.
Severity
The severity of the incident.

Alert ID and Rule Name are filled automatically. Specifically, Alert ID is set to {{alert.id}} and Rule Name to {{rule.name}}.