Artifactory
Visualize JFrog Artifactory repository groups, code repositories, builds, keys, permissions, user groups, and users, and monitor changes through queries and alerts.
- Installation
- Data Model
- Types
Installation
For this integration, JupiterOne requires the namespace of your Artifactory account. It also requires are a Client Access Token, Client Pipeline Access Token, and the Client Administrator Name that granted the access tokens.
Configuration in Artifactory
Configure API access tokens in Artifactory using the instructions in the Access Tokens guide.
Data Volume Configuration
Control how much data is ingested from Artifactory to manage storage and processing.
Ingestion Windows (Time Ranges)
| Field | Description | Default | Options |
|---|---|---|---|
| Artifacts Ingestion Window | Ingest artifacts created within the last X days | 30 | 30, 60, 90, 365 |
How it affects data volume: A longer ingestion window retrieves more artifacts from Artifactory, increasing the number of artifact entities stored in JupiterOne.
Data Filtering Options
| Field | Type | Description | Default |
|---|---|---|---|
| Included Vulnerability Severities | Multi-select | Select vulnerability severities to ingest | Medium, High, Critical |
| Include Repository Artifacts | Array | Comma-separated list of repositories from which artifacts will be ingested. Excludes all others. | None (all repositories) |
How it affects data volume:
- Severity filtering reduces vulnerability entities by excluding low-severity findings. By default, only Medium, High, and Critical vulnerabilities are ingested.
- Repository filtering limits artifact ingestion to specified repositories, significantly reducing data when only specific repositories are needed.
Configuration in JupiterOne
To install the JFrog Artifactory integration in JupiterOne, navigate to the Integrations tab in JupiterOne and select Artifactory. Click New Instance to begin configuring your integration, providing the following:
-
Account Name used to identify the JFrog Artifactory account in JupiterOne. Ingested entities will have this value stored in
tag.AccountNamewhen theAccountNameoption is enabled. -
Description to assist in identifying the integration instance, if desired.
-
Polling Interval that you feel is sufficient for your monitoring needs. You may leave this as
DISABLEDand manually execute the integration. -
Client Namespace of your Artifactory account.
-
Client Access Token configured in your Artifactory account.
-
Client Pipeline Access Token configured in your Artifactory account.
-
Client Administrator Name, or username of the administrator who granted the Artifactory access tokens.
Click Create once all values are provided to finalize the integration.
Next steps
Now that your integration instance has been configured, it will begin running on the polling interval you provided, populating data within JupiterOne. Continue on to our Instance management guide to learn more about working with and editing integration instances.
Entities
The following entities are created:
| Resources | Entity _type | Entity _class |
|---|---|---|
| AccessToken | artifactory_access_token | Key, AccessKey |
| Account | artifactory_account | Account |
| ArtifactCodeModule | artifactory_artifact_codemodule | CodeModule |
| Build | artifactory_build | Configuration |
| Finding | artifactory_vulnerability_finding | Finding, Vulnerability |
| Group | artifactory_group | UserGroup |
| Permission | artifactory_permission | AccessPolicy |
| PipelineSource | artifactory_pipeline_source | CodeRepo |
| Repository | artifactory_repository | Repository |
| RepositoryGroup | artifactory_repository_group | Group |
| User | artifactory_user | User |
Relationships
The following relationships are created:
Source Entity _type | Relationship _class | Target Entity _type |
|---|---|---|
artifactory_access_token | ASSIGNED | artifactory_user |
artifactory_account | HAS | artifactory_group |
artifactory_account | HAS | artifactory_access_token |
artifactory_account | HAS | artifactory_user |
artifactory_account | HAS | artifactory_repository |
artifactory_account | HAS | artifactory_repository_group |
artifactory_account | HAS | artifactory_pipeline_source |
artifactory_artifact_codemodule | HAS | artifactory_vulnerability_finding |
artifactory_build | CREATED | artifactory_artifact_codemodule |
artifactory_group | HAS | artifactory_user |
artifactory_permission | ASSIGNED | artifactory_user |
artifactory_permission | ASSIGNED | artifactory_group |
artifactory_permission | ALLOWS | artifactory_repository |
artifactory_permission | ALLOWS | artifactory_build |
artifactory_permission | ALLOWS | artifactory_repository_group |
artifactory_repository | HAS | artifactory_artifact_codemodule |
Artifactory User
artifactory_user inherits from User
| Property | Type | Description | Specifications |
|---|---|---|---|
disableUIAccess | boolean | ||
internalPasswordDisable | boolean | ||
mfaStatus | boolean | ||
policyManager | boolean | ||
profileUpdatable | boolean | ||
realm | string | ||
reportsManager | boolean | ||
watchManager | boolean |
Artifactory Vulnerability Finding
artifactory_vulnerability_finding inherits from Finding, Vulnerability