CSV Legacy Remote File Configuration

This adapter configuration page details the configuration of the following CSV based adapters, using the Legacy CSV Remote File Configuration.
For full details about configuration of the CSV and JSON adapters refer to the CSV adapter.

Parameters

1. File contains users information

   • Selecting this option imports the file as a list of users instead of devices.
   • See the below section for fields required in a Users Information File.

2. File contains installed software information

   • Selecting this option imports an installed software list instead of devices.
   • See the below section for fields required in a Software Applications File.

3. File name (required) - A unique name for the adapter connection. The value supplied here is populated in the File name field for the data supplied by a specific adapter connection.

   Note:

   The specified File Name is not required to be the actual imported file name. This field is an identifier for use in the Query Wizard.

4. Upload file (optional) - Select a local CSV file to import.

   Note:

   • When using this option, the data imported from the CSV will never be fetched again, as the file is static.
   • Each adapter that imports files supports a different file type: CSV, JSON, or XML.

5. Path to resource (SMB/URL/Folder path) (optional) - Specify an SMB share path, HTTP(S) URL, FTP URL, or folder path where a file can be fetched for this connection.
   

   Note:

   If you are uploading a file from an online storage location and you want to use this file only for custom enrichment, you must disable the Active connection setting on the CSV adapter connection. In this case, the CSV adapter connection will not fetch new assets.

   

   • This path must include the file name.
   • If an SMB share path is supplied:
     • The path must start with double-backslashes ("\\").
     • If Suppress NetBIOS name lookup is enabled, the path must include the server's full NetBIOS name in the following format:
       \\<full_server_NetBIOS_name>\path\to\file.ext
     • Wildcards are supported in file names.
       • Suppress NetBIOS name lookup must be enabled.
       • The asterisk * wildcard matches any sequence of characters (0 or more, including NULL characters).
       • The ? wildcard matches a single character (or a NULL at the end of a file name).
       • The matching file names are sorted by file creation time.
       • If multiple files match the wildcard search, the most recently created file is selected.
   • If an HTTP(S) URL is supplied:
     • The endpoint must support the HTTP GET method.
     • All URLs must start with HTTP:// or with HTTPS://
   • If an FTP URL is supplied, all URLs must start with FTP:// or with SFTP:// or with FTPS://
     • The default port for each method is as follows:
       • FTP: 21
       • SFTP: 22
       • FTPS: 990
     • A custom port can be specified in the supplied path, for example: ftps://my.host.in.axonius.com:21/path/to/file.ext
   • If a folder path is supplied:
     • The remaining necessary parameters for Microsoft OneDrive must be provided.
     • The path must be separated by forward slashes.
     • For personal files on Microsoft OneDrive, use the path relative to 'My files'. For example, the folder path for "My files > Documents > Axonius > file.csv" should be Documents/Axonius/file.csv).
     • Use the URL of the file when opened in the browser (recommended). Alternatively, use the Copy Link from the file (this method will work, but, the link will expire and will need to be regularly updated)

6. Username for online resource (Share/URL) and Password for online resource (Share/URL) (optional) - Username and password for the SMB share, URL, or folder path. These settings may be required if the "ubuntu" user on the Axonius system does not have access to the SMB share / URL / folder path.

   • If supplied for an SMB or folder path, the username and password are used for authentication of this connection.
   • If supplied for a URL, the username and password are used for BASIC authentication of this connection.

7. Microsoft OneDrive Tenant ID (optional) - Microsoft Entra ID (Azure AD) ID. Used to authenticate Microsoft OneDrive through Microsoft Entra ID (Azure AD) and use the Graph API.
8. Microsoft OneDrive Client ID (optional) - The Application ID of the Axonius application.
9. Azure Cloud Environment (optional) - Select your Microsoft Azure or Microsoft Entra ID (Azure AD) cloud environment type.

12. Azure Storage Container Name (optional) - The name of the container on Azure where the CSV file is located.

13. Azure Connection String (optional) - The connection string that includes the authorization information required to access data in the Azure Storage account. You can find the connection string in the Azure portal under Storage Accounts -> [Account Name] -> Access Keys, where [Account Name] is the specific storage account that contains the CSV files to be ingested into Axonius. Copy the entire connection string and paste it into this field.

14. Azure Blob Name (optional) - The Azure Blob Name.

15. Amazon S3 bucket name (optional) - The name of the S3 bucket to fetch the file.

16. Amazon S3 object location (optional) - The location within the S3 bucket where the file can be fetched.

17. Amazon S3 Use EC2 Attached Instance Profile

    • If enabled, Axonius uses the EC2 instance (Axonius installed on) attached IAM role / instance profile.
    • If disabled, Axonius uses the supplied account details in the AWS Access Key ID and AWS Access Key Secret.

18. Amazon S3 Access Key ID and Amazon S3 Secret Access Key (optional) - The credentials used to access the S3 object.

19. Box Platform private key configuration file (optional) - The private key configuration file that provides the Required Permissions to fetch assets. This JSON authentication file must have permission to read/download the specified File ID. In order to fetch files from Box Platform both of these settings must be configured.

20. Box File ID (optional) - The ID of the Box file. The ID for any file can be determined by visiting a file in the web application and copying the ID from the URL. For example, for the URL https://*.app.box.com/files/123 the file_id is 123. Refer to Box Platform documentation for more information

21. Encoding (optional) - Specify a specific file encoding or let Axonius encode it.

    • If supplied, Axonius tries to encode the CSV file based on the specified file encoding type (for example, utf-8) for this connection.
    • If not supplied, Axonius tries to encode the CSV file based on common file encoding types for this connection.

22. Ignore illegal characters - Select whether illegal characters are ignored during the data import. An illegal character is any character that cannot be translated in the specified file encoding.

    • If enabled, Axonius ignores illegal characters and omits those from the imported data.
    • If disabled, if an illegal character is found, the entire data import fails.

23. Verify SSL - If an HTTP(S) URL is specified, verify the SSL certificate offered by the host supplied in the Path to Resource (SMB/URL/Folder path) field. For more details, see SSL Trust & CA Settings.

24. HTTP proxy (optional) - A proxy to use when connecting to the HTTP(S) URL specified in Path to Resource (SMB/URL/Folder path).

25. HTTPS proxy (optional) - A proxy to use when connecting to the HTTP(S) URL specified in Path to Resource (SMB/URL/Folder path).

26. Additional HTTP headers (optional) - Specify additional information to pass with the HTTP request.

    • If supplied, Axonius passes additional information with the HTTP request (for example, {"Accept": "text/csv"}) for this connection.
    • If not supplied, Axonius does not pass additional information with the HTTP request for this connection.

27. Suppress NetBIOS name lookup - Applicable only for files fetched from SMB share.

    • If enabled and the file is fetched from SMB share, Axonius does not verify the server's name via NetBios for this connection. This option must be enabled in order to use wildcards in SMB file names.
    • If disabled and if the file is fetched from SMB share, Axonius verifies the server's name via NetBios for this connection.

28. Custom prefix for dynamic fields (optional) - Specify a prefix to be added for dynamic fields. A dynamic field refers to any field that is not part of an asset default field.

    • If supplied, Axonius adds the specified prefix for any dynamic field. This can assist you in identifying such fields.
    • If not supplied, Axonius does not add any prefix for any dynamic field.

29. Multi-value fields delimiter (optional) - Specify a delimiter to separate between values within the same field in the imported CSV file.

    • If supplied, Axonius considers fields that contain the specified delimiter as multi-value fields. For example, ';'.
    • If not supplied, Axonius considers all imported fields as single-value fields.

30. File Type - Select the type of file uploaded, either CSV, or Excel Spreadsheet. When you select "Excel Spreadsheet", the adapter supports .xls , and.xlsx files, and pulls in the entirety of the first Worksheet as if it were a CSV table. Functionality for tables uploaded from Excel is the same as for CSV files.

To learn more about common adapter connection parameters and buttons, see Adding a New Adapter Connection.

Advanced Settings

• Set Time Zone - Set the time zone of date fields fetched with this adapter. Default is UTC.
• Use fetch time for Last Seen - Select this option to set that all entities (devices and users) fetched by this adapter have their Last Seen set to the time the entity was fetched (fetch_time).
  
  

APIs

When uploading files from Microsoft OneDrive, Axonius uses the List FIles Shared With Me - OneDrive API - OneDrive dev center.

Required Permissions

When uploading files from Microsoft OneDrive, and using OAuth authentication the value supplied in Microsoft OneDrive Client ID must have Files.Read.All delegated permissions in the Azure application in order to to fetch files.

When uploading files from Microsoft OneDrive, the value supplied in Username for online resource (Share/URL) must have Files.Read.All permissions to fetch files.

If multiple file options are added to a 'file-based' adapter, what file is imported?

If multiple import file import types are provided in the CSV adapter (or for other file-based adapter), they are imported in the following order:

1. Path to resource (SMB/URL/Folder path)
2. Amazon S3 Bucket
3. Uploaded file

The file content is determined based on the following order:

1. User assets - If File contains users information is selected
2. Installed software list - If File contains installed software information field is enabled.
3. Device assets - If none of the options above is selected, the CSV is assumed to be a device CSV. If a device exists more than once in a CSV file, only the first device found is used.

Which fields are required for each Import Type?

Which fields are imported with a devices file?

The following data is imported as common data fields while any other data in the CSV/JSON/XML is exclusively be Adapter Specific data.

Which fields are imported with a users file?

The following data is imported as common data fields while any other data in the CSV/JSON is exclusively Adapter Specific data.

Which fields are imported with a software applications file?

The following data is imported as common data fields while any other data in the CSV/JSON is exclusively Adapter Specific data.
In order for vulnerabilities to be parsed from the CSV adapter, the MINIMUM requirements are:

• The adapter is configured with "File contains installed software"
• The file has at least the following headers:
  • Hostname (or any of the headers supported as hostname)
  • Software Name (header must be present, though may be empty on a row)
  • CVE ID

The other headers (or data in a row for those headers) are optional for the purposes of parsing vulnerabilities

Example CSV File

For an example of a CSV file, download the following zipped csv:

CSVExamples.zip