Skip to main content

Export integration and reference new mappings

  • May 5, 2022
  • 5 replies
  • 46 views
A
Forum|alt.badge.img+2

Hi all! I am trying to add a new connector for new technology. I have deployed my community environment and run all the development there. Due I am working with a new technology, I had to add custom mapping for some fields. Is there a way I can export my integration and reference these mappings? I have seen in some integrations packages the integration_mapping_rules.json file.

I think that other way to achieve this is to export the integration and manually add this file. Unfortunately, you need specific knowledge of some ids related to transformation functions and other parameters:

{
"Source": "New technology",
"Product": "New technology",
"EventName": null,
"SecurityEventFieldName": "Field name",
"TransformationFunction": 0,
"TransformationFunctionParam": "",
"RawDataPrimaryFieldMatchTerm": "event_Success",
"RawDataPrimaryFieldComparisonType": 0,
"RawDataSecondaryFieldMatchTerm": "",
"RawDataSecondaryFieldComparisonType": 0,
"RawDataThirdFieldMatchTerm": "",
"RawDataThirdFieldComparisonType": 0,
"IsArtifact": false,
"ExtractionFunctionParam": "",
"ExtractionFunction": 0,
"CreationTimeUnixTimeInMs": 1623983029078,
"ModificationTimeUnixTimeInMs": 1623983029078
} I appreciate any hint you have in this matter

    5 replies

    J
    Forum|alt.badge.img+3
    • JoshShomo
    • New Member
    • May 10, 2022

    You should be able to pull down the full list of properties metadata using a get request to {dev-env-url}/api/external/v1/settings/GetPropertySchemaDetailsRecords?format=camel
    If you also pull the same list of properties from your new instance, you can programmatically compare them. Then one at a time, for the custom properties you want to add to the new box, make post requests to {}/api/external/v1/settings/addOrUpdatePropertyScehmaRecords?format=camel with the post request payload being the schema item copied from GetPropertySchemaDetailsRecords , but popping the following fields that I’ve seen cause siemplify to error: id , creationTimeUnixTimeInMs , modificationTimeUnixTimeInMs , product , valueForImportanceLevel , importanceLevel , orderNum , forDBMigration .

    J
    Forum|alt.badge.img+3
    • JoshShomo
    • New Member
    • May 10, 2022

    Hope this helps

    A
    Forum|alt.badge.img+2
    • aarguelles
    • Author
    • New Member
    • May 10, 2022

    Thanks! I will give it a try

    A
    Forum|alt.badge.img+2
    • aarguelles
    • Author
    • New Member
    • May 10, 2022

    On the other hand, I've found in the API documentation the endpoint /api/external/v1/ontology/GetMappingRules . It seems it can allow accessing mapping rules applicable to an alertIdentifier. I've tried using the Alert_id field fetched from the alert in Siemplify with no success. Has anybody used this particular endpoint?

    The error delivered by the endpoint is the following:

    {"ErrorCode":2000,"ErrorMessage":"Should be in the request Source\\\\Product\\\\EventName.","InnerException":null,"InnerExceptionType":null}
    I've tried to use the format depicted by the message with no success.

    Thanks for your help!

    T
    Forum|alt.badge.img+13

    This comment was originally sent by Tom Fridman
    Hi @aarguelles
    Unfortunately this is an outdated endpoint that is not used anymore in the system.
    We recommend using an alternative endpoint - /api/external/v1/ontology/GetMappingRulesForSettings,
    which requires the following syntax in the request:
    {
    "source": " ... ",
    "product": " ... ",
    "eventName": " ... "
    }

    Terms & ConditionsCookie settingsAccessibility statement
    Privacy Policy Terms of Service Gen AI Policy Community Guidelines Cookie Settings

    © 2025 Google. All rights reserved.