- 08 Feb 2024
- 2 Minutes to read
- Print
- DarkLight
- PDF
Lacework
- Updated on 08 Feb 2024
- 2 Minutes to read
- Print
- DarkLight
- PDF
Lacework provides cloud security automation for AWS, Azure, and GCP with a comprehensive view of risks across cloud workloads and containers.
Types of Assets Fetched
This adapter fetches the following types of assets:
- Devices
- Users
Parameters
Lacework Domain (required) - The hostname or IP address of the Lacework server that Axonius can communicate.
Access Key ID (required) - The Access Key ID. It is recommended to use a Lacwork Service User to generate the needed API key. The Service User’s role must be Admin or have read-only access to all API endpoints as detailed here.
Secret Key (required) - An API secret key. Refer to Generate API Access Keys and Tokens for information on how to generate the secret key.
Sub Account - Enter a sub account name to fetch data from a defined sub account. The authorization token needs to have org admin permissions to do this.
API Version (required, default API_V2) - Select this option to force the adapter to use a specific version of the Lacework API.
Verify SSL - Select whether to verify the SSL certificate of the server against the CA database inside of Axonius. For more details, see SSL Trust & CA Settings.
HTTPS Proxy (optional) - Connect the adapter to a proxy instead of directly connecting it to the domain.
HTTPS Proxy User Name (optional) - The user name to use when connecting to the value supplied in Host Name or IP Address via the value supplied in HTTPS Proxy.
HTTPS Proxy Password (optional) - The password to use when connecting to the server using the HTTPS Proxy.
To learn more about common adapter connection parameters and buttons, see Adding a New Adapter Connection.
Advanced Settings
Advanced settings can either apply for all connections for this adapter, or you can set different advanced settings and/or different scheduling for a specific connection, refer to Advanced Configuration for Adapters
- Async chunks in parallel (required, default: 50) - Specify the number of parallel requests all connections for this adapter will send to the Lacework server in parallel at any given point.
- Drop devices where Machine Status is offline (required, default: false) - Select to exclude devices with a machine status of Offline.
- Fetch from inventory (default: true) - Select this option to fetch devices from the Inventory endpoint (api/v2/Inventory/search).
- Fetch additional entities - Toggle on this option to enable fetching of additional entities.
- Additional entities (default: Agents) - From the drop-down, select the relevant options.
- Require hostname - Select this option to require hostname.
- Fetch vulns for entities - Toggle on this option to enable fetching of vulnerabilities for entities.
APIs
Axonius uses the Lacework API v2.
Supported From Version
Supported from version 4.4