IBM Security QRadar SOAR

 View Only
  • 1.  Resilient Developer Set up - (Integration Server)

    Posted Thu October 10, 2019 05:18 AM

    Hi All, 

    Currently, I'm exploring the Resilient Platform (custom app/functions/workflows/rc-cts package development ). If anyone has good setup environment for Resilient App/Package Development. Please share your inputs/suggestions here. 


    Thanks, 

    Santhosh Baswa



    ------------------------------
    SANTHOSH BASWA
    ------------------------------


  • 2.  RE: Resilient Developer Set up - (Integration Server)

    Posted Thu October 10, 2019 06:02 AM
    Hey,
    I too had the  problem in setting up the dev environment for developing the functions , because of no clear documentation that could help us in one GO. but i managed to just set up the environment developed some hello work kind of functions  :-p,

    now exploring to build more useful functions

    ------------------------------
    sudheer kumar
    ------------------------------



  • 3.  RE: Resilient Developer Set up - (Integration Server)

    IBM Champion
    Posted Thu October 10, 2019 11:31 AM
    Hey,

    You'll want to follow the documentation listed in the latest Resilient Integration Server Guide here.

    Some pointers:
    - Python 3 is the way to go from here on out, I believe, but you'll want to check with Support to verify that.
    - Ensure you update all pip packages (with the exception of a few that require downgrades for Resilient-Circuits) and are running the latest Python version.
    - Follow these steps to develop functions for use in workflows: https://developer.ibm.com/security/resilient/functions/

    ------------------------------
    Jared Fagel
    Cyber Security Analyst Intern
    Public Utility
    ------------------------------



  • 4.  RE: Resilient Developer Set up - (Integration Server)

    Posted Thu October 10, 2019 01:15 PM
    Thanks mate !!! 

    Regards, 
    Santhosh

    ------------------------------
    SANTHOSH BASWA
    ------------------------------



  • 5.  RE: Resilient Developer Set up - (Integration Server)

    Posted Tue October 15, 2019 10:00 AM
    Looking for IBM Resilient documentation? SuccessHub is the primary source for Resilient documentation. (You will need an IBM PartnerWorld ID to log in.) Also, if your looking for developer resources and integration server documentation then use GitHub-ibmresilient. Lastly, for Resilient API documentation use https://developer.ibm.com/security/resilient/


    ------------------------------
    Suzanne Russell CISSP, CRISC, GCIH, ITIL
    Security Architect | IBM Alliance | Group Strategic Initiatives & Partnerships
    Capgemini North America | Austin Texas
    Mob.: + 1-512-913-9292
    ------------------------------



  • 6.  RE: Resilient Developer Set up - (Integration Server)

    Posted Tue October 15, 2019 10:01 AM
    Edited by Suzanne Russell Tue October 15, 2019 10:02 AM
    Apologies for the double post....Looking for IBM Resilient documentation? SuccessHub is the primary source for Resilient documentation. (You will need an IBM PartnerWorld ID to log in.) Also, if your looking for developer resources and integration server documentation then use GitHub-ibmresilient. Lastly, for Resilient API documentation use https://developer.ibm.com/security/resilient/


    ------------------------------
    Suzanne Russell CISSP, CRISC, GCIH, ITIL
    Security Architect | IBM Alliance | Group Strategic Initiatives & Partnerships
    Capgemini North America | Austin Texas
    Mob.: + 1-512-913-9292
    ------------------------------



  • 7.  RE: Resilient Developer Set up - (Integration Server)

    IBM Champion
    Posted Wed October 23, 2019 10:43 AM
    Santhosh,

    I have a VM on my local computer that I do all of my development on. The VM has resilient-circuits on it, so I'm able to run functions as I'm developing them within Resilient (and I have the ability to run the debugger within the function code in Visual Studio Code as well). Registering my VM with our Resilient Integration was essentially the same process as setting up our integration server (install resilient-circuits, run resilient-circuits -c, configure config file values with our Resilient platform information, pip install functions, resilient-circuits config -u, edit config values, run resilient-circuits). Once the function becomes stable I then pip uninstall it from my VM, package the function and then move it to the integration server where I do the function installation steps. It is worth noting that when I install the function on my vm, I install with the -e flag, which allows any changes I make to take effect without having to reinstall via pip.

    If you'd like me to expand on anything I'd be more than happy to!

    ------------------------------
    Liam Mahoney
    ------------------------------