Configuration file

Data Flow service uses DataflowsConfig.xml configuration file. The file is located in the default installation path: C:\Program Files (x86)\BigFix Enterprise\Dataflow. The file contains three sections: Data Sources, Data Flows, and Settings. All tags and attribute names in the file must be in lower case. There is also an DataFlowsConfig.xsd file that you can use to validate the configuration file on startup.

<datasources>
The <datasources> tag of the Configuration File represents a collection of the different data sources that the solution is configured to interact with. For a configuration to be valid, two datasources are required at the minimum. The <datasourcename> attribute should be unique.
The <datasource> tag is a child node of the <datasources> tag in the configuration document and represents the configuration information for a single datasource.
Table 1. Attribute details of the configuration file
Attribute name Default value Required Description
datasourcename N/A Yes This attribute is used to uniquely identify the datasource. With this attribute, datasources can be mapped to specific adapters within each data flow.
Note: The datasourcename attribute's values should be "TenableSC" or "TenableIO" for Tenable. Ex: <datasource datasourcename="TenableIO" .../>
connectionstring N/A Yes URL of the respective data sources. For example: https://[QualysAPIURL],https://[TenableAPI_URL]:443
Note: Port number is not required for Tenable.io. Ex: https://cloud.tenable.com
username N/A System generated This attribute is managed through the ProvideCredentials command. The data is encrypted prior to being persisted in the configuration file.
password N/A System generated This attribute is managed through the ProvideCredentials command. The data is encrypted prior to being persisted in the configuration file.
verifycert True No This attribute enables or disables SSL certificate validation with this data source.
Tenable.sc: If verifycert set to true ensure that the certificates for internal Certificate Authorities (CAs) include the following:
  • Root Certificates
  • Intermediate Certificates
Default vaule for Tenable.sc is False
proxy_host N/A Yes This attribute provides the proxy server host along with a port number (format: HTTP:// or HTTPS://proxy_host:proxy_port).
proxy_username N/A Optional This attribute is managed through the configureproxy command. The data is encrypted prior to being persisted in the configuration file.
proxy_password N/A Optional This attribute is managed through the configureproxy command. The data is encrypted prior to being persisted in the configuration file.
Note: If the verify cert is set to True in case of proxy, ensure the proxy machine certificate is added to the client of the machine.
<dataflows>
The <dataflows> tag of the configuration file represents a collection of the different data flows that the solution is configured to execute.
Each <dataflow> tag represents an instance of the flow of data from one system to another and consists of a Source Adapter tag and a Target Adapter tag.
Table 2. Attribute details of the configuration file.
Attribute name Required Description
displayname Yes This attribute is used to describe the individual data flow.
datatype Yes asset (only for Asset Exchange)/finding (for all other dataflows)
schedule* Yes Find more information about schedule here

Schedule*

Cron Time String Format: The Cron time string format consists of five fields that Cron converts into a time interval. Cron then uses this interval to determine how often to schedule the DataFlow. 5 place values specify Minute, Hour, Day of the Month, Month, Day of the week respectively.

Character Descriptor Acceptable values
1 Minute 0 to 59, or *** (no specific value)
2 Hour 0 to 23, or *** for any value. The time is your local server time.
3 Day of month 1 to 31, or *** (no specific value)
4 Month 1 to 12, or *** (no specific value)
5 Day of the week 0 to 7 (0 and 7 both represent Sunday), or *** (no specific value)
Example usecases:
  • Execute data flow after specific minutes past the hour, every hour.
  • Execute data flow at specific time of local server time every Monday.
  • Execute data flow every five minutes.
  • Execute data flow every second hour, on the hour.

Example1: Cron time string of 0 10 15 * * executes a command on the 15th of each month at 10:00 A.M. local server time.

Example2: Cron time string of 10/30 10 * * * executes a command on the 10th minute of 10th hour of each day and for every 30 minutes thereafter.

Note: The scheduler value should be configured one minute later to the current time if the dataflow needs to be executed immediately once the start of DataFlows service. For example, if the current time is 11:35:30 the scheduler can be configured to 36 11 * * *.
Note: When initially testing the integration, “now” can be used in the scheduler and Dataflow execution can be tested manually. Once the configuration works, then configure the schedule as per convenience. Ex: schedule = “now”.
<sourceadapter>
The <sourceadapter> tag identifies the source system from which the data is extracted. It must include a Properties collection, with a minimum of one property being valid.
Table 3. Attribute details of the configuration file
Attribute name Required Description
displayname Yes This attribute is used to describe this adapter configuration.
adapterclass Yes qualys , tenable, insight (for Asset Exchange only)

This attribute determines which adapter is used to extract data from the data source
datasourcename Yes This attribute value must match the name of a data source defined in the data sources collection. It is used to provide connection information to the adapter.
<targetadapter>
The <targetadapter> tag identifies the target system into which the data is loaded. It must include a Properties collection, with a minimum of one property being valid.
Table 4. Attribute details of the configuration file
Attribute name Required Description
displayname Yes This attribute is used to describe this adapter configuration.
adapterclass Yes insight, tenable

This attribute determines which adapter is used to extract data from the data source
datasourcename Yes This attribute value must match the name of a data source defined in the data sources collection. It is used to provide connection information to the adapter.
<device_properties>
The <device_properties> tag represents a collection of properties in a specific adapter. Each property in this collection is mapped by position to the collection in the corresponding target or source adapter. Target and source adapter devices are mapped with weight attribute in <identityproperty> tag.


Note: By default, there are two dataflows in Tenable.io: Tenable.io dataflow and Asset Exchange dataflow. To disable Asset Exchange dataflow, delete the part of the XML file that includes AE dataflow. Important: Dataflow must be deleted from XML file, not commented out.

<property>
The <property> tag represents a single column of data that is either extracted from or loaded into a system. It may include simple transformation logic to facilitate the transformation of the data received.
Table 5. Attribute details of the configuration file
Attribute name Required Description
displayname Yes This attribute is used to describe the property being configured.
propertyname Yes This attribute is used to identify the corresponding column using a notation specific to each adapter.
datatype Yes Type: String
weight No This attribute assigns a weight to the property, which is used for the weighted confidence matching of records. Type: Int.
<settings>
The <settings> tag represents a collection of settings for the solution. For a detailed list of settings, see Configuration settings for IVR solution.
Table 6. Attribute details of the configuration file
Attribute name Required Description
key Yes This attribute is the name of the setting that is being configured.
value yes This attribute is the value of the setting that is being configured.