Before you start with IBM Resilient

Review this information about requirements and dependencies before installing EclecticIQ Platform Integration for IBM Resilient.

Requirements

• IBM Resilient platform version 28 or later.

• EclecticIQ Platform version 2.4.0 or later.

• The IBM Resilient and EclecticIQ Platform instances can communicate through HTTPS.
  By default, the communication protocol is TCP, and the corresponding port is 443.

• You can access the IBM Resilient command line terminal, and you can run commands.

• You can create integration users and groups in the EclecticIQ Platform instance.

Dependencies

The following additional components must be installed on the IBM Resilient instance:

• resilient-circuits: Resilient Circuits Framework for Custom Integrations.

• rc-cts: Resilient Circuits Custom Threat Service Component.

• rc-webserver: Resilient Circuits Web Server Component.

• keyring: library providing Python access to the system keyring service.
  

  About keyring and Python compatibility

  • Python 2.7 is compatibile with keyring versions 18.0.1 and earlier.

  • Python 3 is compatibile with keyring versions 19.0.0 and later.

To install the additional components:

1. Open a terminal session.

2. Run pip install:

   # IBM Resilient dependencies

   sudo pip install resilient_circuits

   sudo pip install rc-cts

   sudo pip install rc-webserver

    

   # Keyring password manager

   sudo pip install keyring

    

   # Alternate keyring backend implementations

   sudo pip install keyrings.alt

Integration user

Optionally, it is possible to assign the integration a dedicated automation user.
For the integration to work as expected, the user must have administrator-level access rights.

When you configure the integration and edit the IBM Resilient app.config file, specify email address, password, and organization details related to this user.

To create a new IBM Resilient user:

1. Open a terminal session in the IBM Resilient instance.

2. Run the following command:
   

   # Replace the "[email protected]", "Darth", "Vader", and "Empire" placeholders with

   # actual values that apply to the user you are creating:

   # - A valid email address for the integration user.

   # - The integration user's name.

   # - The integration user's family name.

   # - The organization the integration user belongs to.

    

   sudo resutil newuser -createorg -email "[email protected]" -first "Darth" -last "Vader" -org "Empire"