Login
    Contents x
    Orca Cloud Visibility Platform
    • 03 Dec 2023
    • 3 Minutes to read
    • Print
    • Dark
      Light
    • PDF
    Contents

    Orca Cloud Visibility Platform

    • Updated on 03 Dec 2023
    • 3 Minutes to read
    • Print
    • Dark
      Light
    • PDF
    Article Summary

    Orca Cloud Visibility Platform delivers visibility to cloud security posture, including prioritized alerts on vulnerabilities, compromises, misconfigurations, and more.

    Types of Assets Fetched

    This adapter fetches the following types of assets:

    • Devices

    Parameters

    1. Orca Domain (required) - The hostname of the Orca Cloud Visibility Platform server.
    2. API Key (optional) - The API Key generated in the Orca Cloud Visibility Platform.
    Note:

    The API Key was deprecated in Orca. An API Key is supported only if it was previously generated.

    1. API Token (optional) - The API Key generated in the Orca Cloud Visibility Platform for Axonius usage.
    Note:
    • You must supply either the API Key or API Token.
    • It is highly recommended to use the API Token.
    1. Filter - A filter that allows fetching only some devices based on an Orca query. For example, device types or devices that come from specific accounts.
    2. Verify SSL - Select whether to verify the SSL certificate of the server against the CA database inside of Axonius. For more details, see SSL Trust & CA Settings.
    3. HTTPS Proxy (optional) - Connect the adapter to a proxy instead of directly connecting it to the domain.
    4. To learn more about common adapter connection parameters and buttons, see Adding a New Adapter Connection.

    ORca

    Advanced Settings

    Note:

    Advanced settings can either apply for all connections for this adapter, or you can set different advanced settings and/or different scheduling for a specific connection, refer to ​Advanced Configuration for Adapters.

    1. Asset type exclude list (optional) - Specify a comma-separated list of asset types.

      • If supplied, all connections for this adapter won't fetch devices whose asset type is any of the comma-separated list of asset types that have been defined in this field.
      • If not supplied, all connections for this adapter will fetch devices with any asset type.

    2. Asset type include list (optional) - Specify a comma-separated list of asset types.

      • If supplied, all connections for this adapter will only fetch devices whose asset type is any of the comma-separated list of asset types defined in this field.
      • If not supplied, all connections for this adapter will fetch devices with any asset type.

    3. Fetch only selected assets categories - From the drop-down select one or more categories to fetch. Only these categories will be fetched. If none are selected, then all categories are fetched.

    4. Fetch only selected asset sub-categories - From the drop-down select one or more sub-categories to fetch. Only these sub-categories will be fetched. If none are selected, then all sub-categories are fetched.

    5. Fetch alerts starting from the last X hours - Enter the number of hours back from which to begin to fetch alerts. Alerts will be fetched from that number of hours back, or greater.

    6. Fetch logs starting from the last x hours - Enter the number of hours back from which to begin to fetch logs. Logs will be fetched from that number of hours back, or greater.

    7. Fetch Container Tags (required, default: true) - Select whether to fetch container tags to the GUI.

    8. Fetch extra endpoints. If nothing is selected, only assets are fetched (required, default: Containers, Logs, Alerts, Compliance, Inventory) - Filter endpoint values to fetch by the specified endpoints. If no values are specified, only assets are fetched.

    9. Fetch inventory only for these types of assets. If empty, inventory will not be fetched (optional, default: vm, ec2spot) - Filter asset results to fetch by the specified inventory values. If empty, inventory won't be fetched.

    10. Fetch assets with current states. If nothing is selected, all asset states are fetched (optional) - Enter which current states to fetch assets. If nothing is selected, all asset states are fetched.

    11. Ignore devices that have not been seen by the source in the last X days (optional, default: 10) - Select whether to ignore devices not seen by the source in the last specified number of days.

    12. Use Asset Name as Hostname and Hostname as Asset Name (15 chars) for Azure Select this option to switch between the asset name value and the hostname value if the hostname has 15 characters and the cloud provider is Azure.

    13. List of asset tags to fetch - Enter a space separated list of the asset tags to fetch in the following format: < TAG NAME> = <TAG VALUE>. Both TAG_NAME and TAG_VALUE are case sensitive.

    14. Use CVSS Max Score as Risk Totals source - Select this option so that the source for the vulnerability risk level will be from CVSS Max Score

    Note:

    For details on general advanced settings under the Adapter Configuration tab, see Adapter Advanced Settings.


    Was this article helpful?
    What's Next
    Change password!
    Changing your password will log you out immediately. Use the new password to log back in.
    Change profile
    Success!
    First name must have atleast 2 characters. Numbers and special characters are not allowed.
    Last name must have atleast 1 characters. Numbers and special characters are not allowed.
    Enter a valid email
    Enter a valid password
    Your profile has been successfully updated.
    Logout