# XSOAR

<figure><img src="https://762006384-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MJXOXEifAmpyvNVL1to%2Fuploads%2FNEDCzzLwSHyRcRAEvmH2%2Fimage.png?alt=media&#x26;token=2287f523-4704-4233-8413-c8536f04bbca" alt=""><figcaption></figcaption></figure>

## About

Use credentials from your Keeper Vault in XSOAR workflows. Integrate with Keeper Secrets Manager to securely access all the platforms and services you connect to with XSOAR.

## Setup

#### Activate Keeper Secrets Manager

Follow the[ Quick Start Guide](https://docs.keeper.io/en/keeperpam/quick-start-guide#enable-secrets-manager) to enable Keeper Secrets Manager on your account.

#### Create A Keeper Secrets Manager Configuration

Follow the steps in the [documentation page](https://docs.keeper.io/en/keeperpam/secrets-manager/about/secrets-manager-configuration) to create a Secrets Manager configuration.

### Configure Keeper Secrets Manager on Cortex XSOAR <a href="#configure-keeper-secrets-manager-on-cortex-xsoar" id="configure-keeper-secrets-manager-on-cortex-xsoar"></a>

In XSOAR, follow these steps to configure the Keeper Secrets Manager integration.

1. Navigate to **Settings** > **Integrations** > **Servers & Services**.
2. Search for "Keeper Secrets Manager"
3. Click **Add instance** to create and configure a new integration instance.

<figure><img src="https://762006384-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MJXOXEifAmpyvNVL1to%2Fuploads%2FsR4DyRFHcKJRRVW0Rldu%2Fimage.png?alt=media&#x26;token=789a3a86-9251-402b-ac35-fb2202468d08" alt=""><figcaption><p>Configure the instance to use the Keeper Secrets Manager integration</p></figcaption></figure>

The following options are available to configure your XSOAR integration:

| Parameter                                            | Description                                                                                                                                                                                          |
| ---------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| KSM Configuration (Required)                         | <p>The KSM config to use for connection.<br>Paste in the configuration generated by the steps above.</p>                                                                                             |
| Trust any certificate                                | <p>When 'trust any certificate' is selected, the integration ignores TLS/SSL certificate validation errors.<br>Use to test connection issues or connect to a server without a valid certificate.</p> |
| Fetches credentials                                  | If selected, credentials are fetched from login records.                                                                                                                                             |
| Concat username to credential object name            | when selected, the username and credential name will be combined. Use to make the credential object unique in case of duplicate names in different folders/secrets.                                  |
| A comma-separated list of credential names to fetch. | Partial names are not supported. If left empty, all credentials will be fetched.                                                                                                                     |

{% hint style="info" %}
Once configured, click **Test** to validate the URLs, token, and connection.
{% endhint %}

## Available KSM Commands

The following commands can be used in XSOAR. Use these commands to fetch records and files from the Keeper Vault. Only records that are shared to the Secrets Manager Application can be accessed by these commands.

#### List Available Credentials

```
!ksm-list-credentials
```

This command will only show records which can be used as credentials in XSOAR. Records must have a login and password to be used as a credential.

#### List Available Records

```
!ksm-list-records
```

This command shows all records available to XSOAR through the KSM Application.

#### Get a Keeper Record by Title

```
!ksm-find-records title="<RECORD TITLE>"
```

add `partial_match=True` to use partial matching of the record title

#### Get a Value From a Keeper Record

```
!ksm-get-field notation="keeper://<UID>/field/login"
```

{% hint style="info" %}
See the [Keeper Notation documentation](https://docs.keeper.io/en/keeperpam/secrets-manager/about/keeper-notation) for more details on using keeper notation to identify fields
{% endhint %}

#### List Files Attached to Keeper Records

```
!ksm-list-files
```

#### Get a File from a Keeper Record

```
!ksm-get-file file_uid="<UID>"
```

```
!ksm-get-infofile file_uid="<UID>"
```

#### Find Records That Have Files Attached With Given Filename

```
!ksm-find-files file_name="<FILENAME>"
```

## Using Commands in a Playbook

To use Keeper Secrets Manager commands in your XSOAR playbooks, click "Task Library" and search for "Keeper" to show all the available commands.

<figure><img src="https://762006384-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MJXOXEifAmpyvNVL1to%2Fuploads%2FwNx6gyeABlF7lHecurD6%2Fimage.png?alt=media&#x26;token=30045aaa-079d-4e3e-92cf-811bfb30dbfa" alt=""><figcaption><p>List Available Keeper Commander</p></figcaption></figure>

Select a command to use and fill in the required fields if any.

### Example: Get a Password From a Keeper Record

Fetch a password from the Keeper Vault to login to other services in your playbook.

1. Search for the "ksm-get-field" command and click to add it to your playbook
2. Enter Keeper notation pointing to the password using the UID of the record you want to use.\
   This will look like: `<UID>/fields/password`<br>

   <figure><img src="https://762006384-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MJXOXEifAmpyvNVL1to%2Fuploads%2F5aamsq2VsDlt7K2fQhsH%2Fimage.png?alt=media&#x26;token=6cb83b52-b305-4c6b-adaf-364cd53a36a7" alt=""><figcaption></figcaption></figure>

   *Any field in a record can be fetched this way. See* [*Keeper Notation documentation*](https://docs.keeper.io/en/keeperpam/secrets-manager/about/keeper-notation) *for more information*
3. Click "OK" to add the task to your playbook<br>

   <figure><img src="https://762006384-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MJXOXEifAmpyvNVL1to%2Fuploads%2F7G9zceIZodTE3aOrn6cd%2Fimage.png?alt=media&#x26;token=e45a7efc-158d-4870-b303-73ded72f37a3" alt=""><figcaption></figcaption></figure>

You can add additional tasks after the ksm-get-field task to use the password.