Connectors allow Lucidum to ingest data from your environment and discover, identify, and classify assets, data, and users.
Lucidum includes pre-built connectors for the most commonly used solutions for security, vulnerability scanning, cloud, data warehouse, identity management, logs, network, endpoint management, IP management, file sharing, and devops.
Profiles #
To configure a connector, you provide credentials that allow Lucidum secure, read-only access to a specific deployed solution. These credentials are called a profile.
A connector can have multiple profiles.
For example, you might have multiple profiles for an AWS connector.
- One profile could provide access to a public-facing service.
- Another profile could provide access to an internal server.
Viewing the List of Connectors #
To view the list of Connectors on your Lucidum system:
- In the left pane, click the Connectors icon.
- In the Connectors page, you can view the list of connectors.
- The connectors are categorized as:
- Errors. If a connector has one or more profiles with an error, the connector appears in the Errors pane. Note that a connector can appear in the Errors pane even if some profiles do not have errors. If a single profile has errors, the connector appears in the Errors pane.
- Disabled. If a connector has one or more profiles that are disabled, and no profiles with errors, the connector appears in the Disabled pane. Note that a connector can appear in the Disabled pane even if some profiles are enabled. If a single profile is disabled, and there are no profiles with errors, the connector appears in the Disabled pane.
- Enabled. If a connector has only profiles that are enabled, and no profiles have errors, the connector appears in the Enabled pane.
- Available. These connectors have not been configured for use.
Viewing Details About the List of Connectors #
To view the list of Connectors on your Lucidum system:
- In the left pane, click the Connectors icon.
- In the Connectors page, you can view the list of connectors.
- The Connectors page displays the following:
- 1. Errors pane. If a connector has one or more profiles with an error, the connector appears in the Errors pane. Note that a connector can appear in the Errors pane even if some profiles do not have errors. If a single profile has errors, the connector appears in the Errors pane.
- 2. Red icon that displays the number of profiles with errors.
- 3. Disabled pane. If a connector has one or more profiles that are disabled, and no profiles with errors, the connector appears in the Disabled pane. Note that a connector can appear in the Disabled pane even if some profiles are enabled. If a single profile is disabled, and there are no profiles with errors, the connector appears in the Disabled pane.
- 4. Gray icon that displays the number of profiles that are disabled.
- 5. Enabled pane. If a connector has only profiles that are enabled, and no profiles have errors, the connector appears in the Enabled pane.
- 6. Green icon that displays the number of enabled profiles.
- 7. Available pane. These connectors have not been configured for use.
- 8. Filter Connectors by Group. View connectors by categories like Cloud Security, Application Management, and Identity Access Management.
- 9. Search. Search for connectors by name.
Viewing Details About a Single Connector Profile #
To view details about a connector profile:
- In the left pane, click the Connectors icon.
- In the Connectors page, you can view the list of connectors.
- When you find the connector you want to view, click on its icon.
- The Settings page appears.
- The Configured Profiles pane displays the following:
- 1. Description of the connector. The connector name.
- 2. Name of the profile. A profile is the credentials that allow Lucidum secure, read-only access to a specific deployed solution. These credentials are called a profile. A connector can have multiple profiles.
- 3. Page icon. Click this icon to view documentation about the connector. The documentation appears in a new page.
- 4. Plus-sign icon. Add a new profile.
- 5. Edit icon. Edits the selected profile.
- 6. MetaBlocks icon. Assign the connector profile to a MetaBlock. For details, see Adding Connectors to MetaBlocks.
- 7. Delete icon. Click this icon to delete a profile.
- 8. Red toggle icon. Profile is enabled but has errors.
- 9. Green toggle icon. Profile is enabled and does not have errors.
- 10. Gray toggle icon. Profile is disabled.
- 11. Key icon. AWS Key Management system is disabled (strikethrough) or enabled.
- To get immediate information about a connector, you can test the connector.
- For detailed logs about your connectors, contact Lucidum Customer Success.
Adding a Connector #
To configure a connector for use with Lucidum:
- In the left pane, click the Connectors icon.
- In the Connectors page, you can view the list of connectors.
- Look for the connector in the Available category.
- When you find the connector you want to add, click on its icon.
- In the Settings page, in the Configured Profiles pane, click the Add a New Connector icon (plus-sign).
- Populate the fields in the Add a New Profile pane (right pane). This new profile will be the default profile for the connector.
- For details on configuring each type of Connector, see the specific documentation page for that Connector.
NOTE: Only the account type Lucidum Support can view masked fields. If another type of user account modifies a credential field, that account can view the new value before saving the value but cannot view again after saving.
Testing a Connector #
While in the Settings page, in the Add a New Profile pane, you can click Save icon (disc) to test a profile.
- If the profile configuration is correct, Lucidum displays a list of services that are available with the connector. You can click Enable Successful Services.
- If the profile configuration is not correct, Lucidum displays an error message or the message “Services Not Available”.
To test a profile:
- In the left pane, click the Connectors icon.
- In the Connectors page, you can view the list of connectors.
- Look for the connector in the Errors, Disabled, or Enabled category. These are connectors that have already been configured.
- When you find the connector you want to test, click on its icon.
- In the Settings page, in the Configured Profiles pane, select the profile you want to test.
- Ensure that the connector is enabled.
- Click the Save (disc) icon.
- If testing is successful, you will see a list of enabled services. You can click Enable All Successful Services or individually select services to use.
Error Codes for Connectors #
The following is the list of error codes for Connectors:
| API Error Code | General Meanings | Possible Resolutions |
|---|---|---|
| 400 | Bad Request Error. Usually means that you did not correctly format your API request. | Check the connector documentation. Validate that the connector parameters (for example, URL parameter or API key). Validate the API payload. You could be missing a query, a field in the request body, or a header field could be wrong. It could also be that some of your request data might have incorrect syntax. |
| 401 | Unauthorized Error. Usually means you have not successfully authenticated against the API. | Check the credentials (username, password, or API token may be wrong) |
| 403 | Forbidden Error. The forbidden status indicates that you do not have permission to request that URL. Either your authentication failed or authentication was successful, but you do not have permissions to make the API request. | Check credentials and permissions/scopes. The user name or API token might not have the required permissions/scopes/roles assigned. |
| 404 | Not Found Error. Indicates that the URL in your request does not exist on the API server. This can also indicate a server problem. | Check the target URL/hostname/IP address. These might not be correct or reachable, or might need a tunnel proxy to access. |
| 405 | Method Not Allowed. This indicates that the client tried to use an HTTP method (GET, POST, PUT, DELETE) that the resource does not allow. For example, a read-only resource might not support POST, and a controller resource might allow GET and POST, but not PUT or DELETE. | Check the source API documentation and make sure the connector is using the correct request method. Check the API version. Are you using an older API version that does not support specific methods? Contact Lucidum technical support if you need to downgrade/upgrade your API. Lucidum can check make necessary changes to the connector code. |
| 406 | Not Acceptable. Indicates that the API is not able to generate the client’s preferred media types, as indicated by the Accept request header. For example, a client request for data formatted as application/xml generates a 406 response if the API formats data only as application/json. | Check the source documentation for the API to find the supported media types. Check the request header for the connector. Make sure the Accept type is supported |
| 408 | Request Timeout Error. Indicates that API requests have timed out. | Check the target URL/hostname/IP address. These might not be correct or reachable, or might need a tunnel proxy to access. Check the target network connection or tunnel proxy connection if proxy is used. |
| 415 | Unsupported Media Type. The media-type specified in the Content-type of the request is not supported by the server. | Check the source documentation for the API to find the supported media types. Check the request header for the connector. Make sure the Content-type is supported |
| 429 | Too Many Requests. Indicates the API requests are too frequent and over the preset limits of the API server. | On the API server, increase the API request limit if possible Contact Lucidum technical support to modify the connector code with API request throttling |
| 500 | Internal Server Error. Indicates that the API server is not currently accepting requests. | Check that the target URL/hostname/IP address is available. For example, is the server down or in maintenance? Check the settings on the target API server. Look for settings for rate limits, blacklisting, or other settings that may block the connection. Check the connector documentation to ensure you entered the correct information. Check the documentation for the API and check the required format for query fields, body fields, headers, and format. |
| 501 | Not Implemented. This is is related to the HTTP method (GET, POST, PUT, DELETE) you used to request an URL. Usually, an HTTP request with the wrong method results in a 404 not found status. The Not Implemented” status implies that the method is not supported “yet.” The API creator can use this status to tell the clients that this method will be available to them in future requests. | Check the API version. Are you using an older API version that does not support specific methods? Contact Lucidum technical support if you need to downgrade/upgrade your API. Lucidum can check make necessary changes to the connector code. |
| 502 | Bad Gateway Error. This error occurs when you use a gateway or proxy server to send requests to the API server. The proxy server then calls the API server in your name. This error indicates that the API server did not send a response. This could be related to a network problem, or simply because the API server crashed, or was down for maintenance. | Check that the target URL/hostname/IP address is available. For example, is the server down or in maintenance? Check the settings on the target API server. Look for settings for rate limits, blacklisting, or other settings that may block the connection. Check target network connection or tunnel proxy connection if proxy is used |
| 503 | Service Unavailable. Indicates a server error. For example, too many API requests were sent and the API server cannot accept more API requests right now. | Check that the target URL/hostname/IP address is available. For example, is the server down or in maintenance? Check the settings on the target API server. Look for settings for rate limits, blacklisting, or other settings that may block the connection. On the API server, increase the API request limit if possible Contact Lucidum technical support to modify the connector code with API request throttling |
| 504 | Gateway Timeout Error. This error occurs when you use a gateway or proxy server to send requests to the API server. The proxy server then calls the API server in your name. This error indicates that the API server did not respond before the request was timed out. This error can be related to high network latency between the proxy and the API server. It can also mean that that API server is slow and takes too long to process your request. | Check that the target URL/hostname/IP address is available. For example, is the server down or in maintenance? Check the settings on the target API server. Look for settings for rate limits, blacklisting, or other settings that may block the connection. Check that network connection for the server and for the tunnel proxy connection |
Editing a Connector #
To edit the settings in an already configured profile:
- In the left pane, click the Connectors icon.
- In the Connectors page, you can view the list of connectors.
- Look for the connector in the Errors, Disabled, or Enabled category. These are connectors that have already been configured.
- When you find the connector you want to edit, click on its icon.
- In the Settings page, in the Configured Profiles pane, find the profile you want to edit.
- Click the Edit icon (pencil) for the connector profile.
- Edit the fields in the right pane. For details on configuring each type of Connector, see the specific documentation page for that Connector.
- Click the Save Profile (disc) icon to save your changes.
Adding Connectors to MetaBlocks #
Lucidum includes a feature called MetaBlocks. MetaBlocks allow you to group Dashboards, Connectors, Actions, SmartLabels, and Saved Queries, similar to how you would use a folder. You can store related items in a single MetaBlock.
To add a Connector to a MetaBlock:
- In the Connectors page, you can view the list of connectors.
- Look for the connector in the Errors, Disabled, or Enabled category. These are connectors that have already been configured.
- When you find the connector you want to align with a MetaBlock, click on its icon.
- In the Settings page, in the Configured Profiles pane, find the profile you want to view.
- Click the Add MetaBlocks icon for the Connector Profile.
- In the Assign MetaBlocks modal page, in the MetaBlocks field, select one or more MetaBlocks to align with the Connector Profile.
- Click Assign.
Viewing MetaBlocks Aligned with a Connector #
To view the MetaBlocks associated with a Connector profile:
- In the Connectors page, you can view the list of connectors.
- Look for the connector in the Errors, Disabled, or Enabled category. These are connectors that have already been configured.
- When you find the connector you want to view, click on its icon.
- In the Settings page, in the Configured Profiles pane, find the profile you want to align with a MetaBlock.
- Click the Add MetaBlocks icon for the Connector Profile.
- In the Assign MetaBlocks modal page, the MetaBlocks field displays the MetaBlocks aligned with the Connector Profile.
- Click Cancel.
Deleting Connectors from MetaBlocks #
To delete a Connector from a MetaBlock:
NOTE: This will not delete the Connector or the MetaBlock. This action removes the relationship between the Connector and the MetaBlock.
- In the Connectors page, you can view the list of connectors.
- Look for the connector in the Errors, Disabled, or Enabled category. These are connectors that have already been configured.
- When you find the connector you want to delete from a MetaBlock, click on its icon.
- In the Settings page, in the Configured Profiles pane, find the profile you want to delete from a MetaBlock.
- Click the Add MetaBlocks icon for the Connector Profile.
- In the Assign MetaBlocks modal page, the MetaBlocks field displays the MetaBlocks aligned with the Connector Profile.
- To deelete a MetaBlock, click its delete icon (trashcan).
- Click Assign.
Adding an Additional Profile to an Existing Connector #
If you want to ingest data from multiple instances of an asset, you can add an additional profile to an already configured connector. To do this:
- In the left pane, click the Connectors icon.
- In the Connectors page, you can view the list of connectors.
- Look for the connector in the Errors, Disabled, or Enabled category. These are connectors that have already been configured.
- When you find the connector you to which want to add a profile, click on its icon.
- In the Settings page, in the Configured Profiles pane, click the Add a New Profile icon (plus-sign).
- In the right pane, in the Create a New Profile pane, enter values in the fields. For details on configuring each type of Connector, see the specific documentation page for that Connector.
- Click the Save Profile (disc) icon to save your new profile.
- To enable the connector, click the Connection Status icon until it shows the green checkmark.
Deleting a Profile from an Existing Connector #
To delete a profile from a connector:
- In the left pane, click the Connectors icon.
- In the Connectors page, you can view the list of connectors.
- Look for the connector in the Errors, Disabled, or Enabled category. These are connectors that have already been configured.
- When you find the connector you from which you want to delete a profile, click on its icon.
- In the Settings page, in the Configured Profiles pane, find the profile you want to delete and click its Delete (trash can) icon.
</p
Configuring a Connector to Use a Proxy Server #
A proxy server allows Lucidum connectors that run on your SaaS account to fetch data securely from your on-premises assets.
- In the left pane, click the Connectors icon.
- In the Connectors page, you can view the list of connectors.
- Look for the connector in the Errors, Disabled, or Enabled category. These are connectors that have already been configured.
- In the Settings page, in the Configured Profiles pane, click the Edit icon (pencil.
- View the right pane for the Connector Profile. If the connector supports a proxy, it will include the Proxy field.
- Enter the following in the Proxy field:
- 192.168.255.6:3128
This is the IP address and port number of the proxy service inside the docker container on the proxy server.
For more details on configuring a proxy server, see Configuring a Proxy Server.
What Data Does the Connector Ingest? #
Lucidum allows you to view details about each active connector:
- View a list of all assets that include data from an active connector
- View a list of asset fields ingested by an active connector
- View a list of all users that include data from an active connector
- View a list of user fields ingested by an active connector
Lucidum also allows you to view details about how each active connector contributes to an individual asset record or user record:
- View the list of connectors that contribute to an asset or user record
- View the fields and values that each connector contributes to an asset record or user record
