.png?sv=2019-07-07&sig=aF9r4Nd%2BnB2k6a%2FLKR%2By%2BzU9GpZL0kBFcc3lNgKUAQA%3D&spr=https%2Chttp&st=2023-06-04T01%3A38%3A50Z&se=2023-06-04T01%3A48%3A50Z&srt=o&ss=b&sp=r){kind=logo}
Manage Custom Enrichment - Enrich Assets with CSV File
- 23 Apr 2023
- 3 Minutes to read
- Print
- DarkLight
- PDF
Manage Custom Enrichment - Enrich Assets with CSV File
- Updated on 23 Apr 2023
- 3 Minutes to read
- Print
- DarkLight
- PDF
Article Summary
Manage Custom Enrichment - Enrich assets with CSV file adds or removes custom enrichment data, contained in a CSV file, to or from assets using the Custom Enrichment feature.
- Assets that match the results of the selected saved query, and match the Enforcement Action Conditions, if defined or assets selected on the relevant asset page.
See Creating Enforcement Sets to learn more about adding Enforcement Actions to Enforcement Sets.
General Settings
- Enforcement Set name (required) - The name of the Enforcement Set. A default value is added by Axonius. You can change the name according to your needs.
- Add description - Click to add a description of the Enforcement Set. It is recommended to describe what the Enforcement Set does.
- Run action on assets matching following query (required) - Select an asset category and a query. The Enforcement Action will be run on the assets that match the query parameters.
- A query only returns results for the asset type it was created for.
- Not all asset categories are supported for all Enforcement Actions.
- See Actions supported for Activity Logs and Adapter Fetch History Modules
- See Actions supported for Vulnerabilities.
- See Actions supported for Software.
- Action name (required) - The name of the Main action. A default value is added by Axonius. You can change the name according to your needs.
- Configure Action Conditions - Toggle on to enter a condition statement. See Configuring Enforcement Action Conditions to learn more about condition statement syntax.
NOTETo enrich all assets, you can also use the All Devices or All Users queries.
Required Fields
These fields must be configured to run the Enforcement Set.
Action type - Select whether to Add or Remove a custom enrichment to or from assets.
- When Remove is selected, the custom enrichments will be removed from all assets returned by the query selected. To ensure that the enrichment is removed from all assets, select a query that will return all assets for each asset module.
Select file input method - You can either upload a file from your system, or use a file saved in a storage system.
To upload a file from your system
- From the Select file input method drop down choose Upload file.
- Select Choose file to browse for and upload the CSV file.
To use a file from an online storage location
NOTEIf you are uploading a file from an online storage location and you want to use this file only for custom enrichment, you must disable the Active Connection setting on the CSV adapter connection.
Axonius uses the capabilities of the CSV adapter to use a CSV file from a storage location.
Prerequisite: Make sure you have configured the relevant CSV file using a CSV adapter connection. Give a name to the connection (connection label) so that you can identify it in the dropdown list.
- Configure the file name, location and credentials required to access the file using the CSV adapter, these can be SMB, Azure, blob, Amazon S3 bucket etc.
- From the Select file upload method drop down, choose Select CSV adapter connection.
- From the Select adapter connection dropdown, select the connection that contains the file to be used.
Statement - Enter a custom enrichment statement. See Custom Enrichment for more information on creating a custom enrichment statement. Custom fields can also be used in Custom Enrichment statements.
Syntax Helper - Use the Syntax Helper to get the correct field name. Select the Adapter and the field name from the lists and click
Then, paste the field name into the statement.
For more details about other Enforcement Actions available, see Action Library.