Connecting to an IBM Security Verify Analytics asset data source
The IBM Security Verify Analytics Connected Assets and Risk connector can be run in the platform cluster. The connector incrementally synchronizes the contents of the IBM Security Verify Analytics asset databases with the data that is managed by the Connected Assets and Risk service.
Before you begin
To set up the IBM Security Verify Analytics Bridge and Security Verify Tenant for IAM data, complete the following steps.
- Create a tenant in IBM Security Verify Tenant with the
Identity Analytics
orCIA
plan. - Set up an IBM Security Verify Analytics bridge. For more information, see IBM Security Verify Analytics on dockerhub (https://hub.docker.com/r/ibmcom/ciabridge).
- To generate the data that is required for the Verify Connected Assets and Risk connector, when you set up ciabridge docker, pass the CLOUD_PAK_SECURITY="true" flag as an environment variable.
- Set tenant binding from the IBM Security Verify bridge to IBM Security Verify Tenant and enable replication.
- Configure the IBM Security and IDentity
Manager, Identity Governance and Intelligence data source and run analysis.
After analysis is complete, IBM Security Verify Tenant data is replicated in the Analytics tab dashboard of IBM Security Verify Tenant.
- to create an API ClientId and secret from IBM Security Verify tenant, go to
under the Admin settings and select
Manage API Clients.
The ClientId and secret with the tenant URL are used to run the Verify Connected Assets and Risk connector.
About this task
The IBM Security Verify Analytics connector is designed
to work with the /analytics-rp/api/v1.0
API endpoint.
The Security Verify Tenant uses analyzed data
that is replicated from IBM Security Verify Analytics to
bridge entities such as users, accounts, applications, and relationships like
userAccount
and accountApplication
data.
For more information about the Security Verify Tenant, see IBM Security Verify Analytics Bridge (https://www.ibm.com/docs/en/SSCT62/com.ibm.iamservice.doc/concepts/cia_cpt_overview.html).
Procedure
Results
The connector imports data from the data source. The connector imports data source again at the interval that you set in the Frequency field.
You can see the data source connection configuration that you added under Connections on the Assets tab of the Data source settings page. A message on the card indicates connection with the data source.
You can add other connection configurations for this data source that have different users and different data access permissions.
What to do next
Test the connection by searching for an IP address in IBM Security Data Explorer that matches an asset data source. In Data Explorer, click an IP address to view its associated assets and risk.
To use Data Explorer, you must have data sources that are connected so that the application can run queries and retrieve results across a unified set of data sources. The search results vary depending on the data that is contained in your configured data sources. For more information about how to build a query in Data Explorer, see Build a query.