PrivX
PrivX provides privileged access to on-prem and cloud environments, including control access to servers, network devices, and other critical infrastructure according to user roles and privileges.
Types of Assets Fetched
This adapter fetches the following types of assets:
- Devices
- Users
Parameters
-
Host Name or IP Address (required) - The hostname or IP address of the PrivX server.
-
OAuth Client ID, OAuth Client Secret, API Client ID, and API Client Secret (required) - The credentials for an API client that has the Required Permissions to fetch assets.
-
Verify SSL - Select whether to verify the SSL certificate of the server against the CA database inside of Axonius. For more details, see SSL Trust & CA Settings.
-
HTTPS Proxy (optional) - Connect the adapter to a proxy instead of directly connecting it to the domain.
To learn more about common adapter connection parameters and buttons, see Adding a New Adapter Connection.
APIs
Axonius uses the SSH PrivX API Guide .
- The endpoint provides all the connection details per device.
Required Ports
- HTTPS port 443
Advanced Settings
Note
Advanced settings can either apply to all connections for this adapter, or to a specific connection. Refer to Advanced Configuration for Adapters.
- Using instance-id as hostname - Select to use the instance ID as the asset's hostname.
- Try resolving FQDN addresses to IP Addresses - Select this to have the adapter do the following: parse each address to network interfaces, check if the address is an FQDN, and if it is, try to resolve it to its proper IP address.
- Enable connections enrichment - Toggle this setting on for the system to collect details about device connections.
- Number of days ago to fetch connections details - When Enable connections enrichment is enabled, specify how many days back from the current date the system should collect connection information.
The connection details fetched include:
- Who accessed the device - This information is categorized into two parts:
- user_data - The user's display name.
- user_roles - The user's role name.
- From what IP - The remote_address from which the connection originated.
- Length of connection - The duration of the connection.
- Who accessed the device - This information is categorized into two parts:
- Number of days ago to fetch connections details - When Enable connections enrichment is enabled, specify how many days back from the current date the system should collect connection information.
The connection details fetched include:
Note
To learn more about Adapter Configuration tab advanced settings, see Adapter Advanced Settings.
Required Permissions
The values supplied in OAuth Client ID, OAuth Client Secret, API Client ID and API Client Secret must have read access to devices and users.
To create an API client
- Log as a system admin to the PrivX server
- Go to Settings → Deployment → Integrate with PrivX using API Clients
.png)
- Click ADD API CLIENT.
.png)
- Select the following permissions:
- users-view
- hosts-view
- Click SAVE. The client API credential will be displayed. Use those in the adapter connection parameters.
Version Matrix
This adapter has only been tested with the versions marked as supported, but may work with other versions. Please contact Axonius Support if you have a version that is not listed and it is not functioning as expected.
| Version | Supported | Notes |
|---|---|---|
| SSH PrivX Authentication API: 1.0.1 | Yes | |
| SSH PrivX Local User Store API: 1.0.3 | Yes | |
| SSH PrivX Host Store API: 1.0.3 | Yes |
Updated 2 days ago